desktop app - WAM integration

%3CLINGO-SUB%20id%3D%22lingo-sub-2391747%22%20slang%3D%22en-US%22%3Edesktop%20app%20-%20WAM%20integration%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2391747%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20know%20that%20latest%20M365%26nbsp%3B%20desktop%20apps%20(word%2C%20excel%2C%20teams%20etc)%26nbsp%3B%20leverages%26nbsp%3B%20WAM%20(web%20account%20manager%20)%20for%20their%20sign-in%20flows.%3C%2FP%3E%3CP%3E%3CSPAN%3EWeb%20Account%20Manager%20(WAM)%20is%20more%20or%20less%20like%20SSPI%2C%20except%20it%20has%20a%20different%20API%20model%20and%20handles%20UI%20natively.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3ESo%20my%20question%20is%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3Ewhen%20desktop%20app%20uses%20WAM%20to%20get%20a%20token%2C%26nbsp%3B%20if%20WAM%20wants%20to%20do%20any%20interactive%20work%20with%20the%20user%2C%20for%20eg.%2C%26nbsp%3B%20perform%20second-factor%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3E%26nbsp%3BOR%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3E%26nbsp%3Beven%20collecting%20a%20brand%20new%20username-password%20(because%20user%20decided%20to%20use%20different%20account)%2C%26nbsp%3B%20%3CSTRONG%3E%26nbsp%3Ball%20these%20interactive%20flows%20happen%20through%26nbsp%3B%20native%20WAM%20UI%26nbsp%3B%20%26nbsp%3Bor%26nbsp%3B%20%26nbsp%3Bany%20kind%20of%26nbsp%3B%20browser-context%20is%20involved%26nbsp%3B%26nbsp%3B%3F%3C%2FSTRONG%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EThanks.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2391747%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAccess%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Contributor

Hello,

 

We know that latest M365  desktop apps (word, excel, teams etc)  leverages  WAM (web account manager ) for their sign-in flows.

Web Account Manager (WAM) is more or less like SSPI, except it has a different API model and handles UI natively.

 

So my question is,

when desktop app uses WAM to get a token,  if WAM wants to do any interactive work with the user, for eg.,  perform second-factor 

 OR

 even collecting a brand new username-password (because user decided to use different account),   all these interactive flows happen through  native WAM UI   or   any kind of  browser-context is involved  ?

 

Thanks.

 

0 Replies