How to know if I can trust an SPFX webpart?
I am in the process of implementing an spfx webpart but before I need to make sure it is not a security threat. From researching I was not able to find if there is any way to run a check or provide a validation that the webpart is safe for the organization as it does ask for Graph API permissions, I do not think there is any issues with it, but I need to be able to have cleareance. This is the webpart: https://github.com/pnp/sp-dev-fx-webparts/tree/main/samples/react-accordion-dynamic-section
How to securize redirection with Azure AD in a WebPart?
I have developed a Sharepoint Webpart. The aim of this component is simple, authenticate the user in an external website that is embedded inside de Sharepoint. The external website uses Azure AD to login the users. The problem that I have is the following. I know how to get obtain an access token, and the component works fine, with a great security leak. This is that I have public render(): void { token="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"; <iframe img src="https://www.example.org/oauthCallback.html?token="+token/> } For this reason, I'm trying to change for something like: public render(): void { <iframe img src="Azure redirection"/> } Azure redirection -> verify the user context with Azure AD -> redirect the callback to https://www.example.org/oauthCallback.html I want securize this process with Azure AD, but I don't know how to do. Any idea? Regards
Can't configure external sharing per site basis for SharePoint site that is connected to O365 Group
Hi There,, I have a security-related concern and was talking to the Microsoft support team and was advised to post my concern here for the developer to take a look... Please see the concerns originally posted with the link below... https://techcommunity.microsoft.com/t5/sharepoint/can-t-configure-external-sharing-per-site-basis-for-sharepoint/m-p/2231211 Thanks
