May 27 2021
- last edited on
Jan 14 2022
We know that latest M365 desktop apps (word, excel, teams etc) leverages WAM (web account manager ) for their sign-in flows.
Web Account Manager (WAM) is more or less like SSPI, except it has a different API model and handles UI natively.
So my question is,
when desktop app uses WAM to get a token, if WAM wants to do any interactive work with the user, for eg., perform second-factor
even collecting a brand new username-password (because user decided to use different account), all these interactive flows happen through native WAM UI or any kind of browser-context is involved ?