cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Team App Permission Policies and App roll-out ring

Gottfried Jocham
Brass Contributor

‎Dec 17 2021 11:31 AM

‎Dec 17 2021 11:31 AM

Team App Permission Policies and App roll-out ring

Hello,

 

our development department is constantly extending teams with new apps that should follow a staged roll-out deployment.

First only an inner ring (developers) should be able to use the developed app, followed by a pilot-user ring. Finally when everything works as expected the app should be made available to all users.

I wonder if there is a preferred way to design the app permission policies to achive that?

 

Please correct me if I'm wrong, but AFAIK permission policies don't accumulate each other, meaning custom policies don't include the allowed (or block excluded) apps from the global (org-wide) policy, which would help in that case.

As this seems not to be the case, we currently have 3 permission policies (Dev, Pilot-User, Global) for that single purpose. What should we do in the future, if we have multiple apps (either self-developed, Microsoft, or Third-party) that should follow our ring approach as well? We can only assign 1 policy to a user at any point, so it would get quite complicated keeping the "approved" and globally rolled out apps in sync with the custom apps.

Maybe I missed any essential point here but if not I would really welcome any other views on that.

Labels:
947 Views
1 Like
2 Replies
Reply
2 Replies
RealTime_M365

‎Dec 17 2021 11:59 AM

‎Dec 17 2021 11:59 AM

Re: Team App Permission Policies and App roll-out ring

Hi,

My recommendation would be to keep three separate group. One Group for developers, Second Group for Pilot Users and Third Group for End Users.

Using this approach only you would be able to roll out the apps to all the users. I assume this is the current way how we have configured the environment as well.

With Regards,
Satish U
0 Likes
Reply
Gottfried Jocham

‎Dec 19 2021 10:51 PM

‎Dec 19 2021 10:51 PM

Re: Team App Permission Policies and App roll-out ring

Thank you for your resonse @RealTime_M365 

 

Do you mean to assign the app to individual teams like mentioned here Manage your apps in the Microsoft Teams admin center - Microsoft Teams | Microsoft Docs?

 

That would only work for apps in the team scope, but not for apps in the personal scope.

 

To be honest, I don't have any clue how to achive that. Do you have any link to a guideline where this approach is described in more detail?

 

best regards

Gottfried

0 Likes
Reply