-
Notifications
You must be signed in to change notification settings - Fork 247
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Token handling in clients that don't support SSO #3579
Comments
Thanks for raising this issue @ChristianGalla. @davidchesnut, could you please help provide clarity here? |
I'm investigating if it is possible to take advantage of MSAL caching to avoid signing in the user repeatedly. Hope to have an answer soon. |
@ChristianGalla I do have this working in a PR for Excel/Word/PowerPoint. See PR 370 here. And specifically the updates to the fallbackAuthTaskpane.js file. MSAL caches the token in local, storage, or cookie storage. You configure that when setting up the config parameters. I have not yet tested this with Outlook. That will take some more time. But if the local storage or session storage is persisted between add-in activations (such as each time a compose mail item is opened) this seems like it should work. No guarantees, but I'll update here once I have more info. |
In the current documentation, there are multiple hints, that access tokens should never be cached in client code.
Unfortunately, there are many companies that are still using the still supported Office versions 2016 and 2019 without SSO support.
So, while this is a good approach in modern Office versions, not caching tokens means to show a fallback authentication prompt for each backend request in Office versions that don't support SSO. There is no user acceptance for so many prompts. Even one prompt each time an Add-In is opened is very ugly if the Add-In is heavily used (for example for each new Outlook mail).
If SSO is not back ported to Office 2016 / 2019 for commercial licenses, it should at least be allowed to cache tokens in these applications. (SSO already works in Office 2016 / 2019 when using a consumer license)
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
The text was updated successfully, but these errors were encountered: