-
Notifications
You must be signed in to change notification settings - Fork 0
Authentication
Kenneth C. Arnold edited this page Oct 31, 2024
·
2 revisions
Goal: A simple login system.
Why:
- We need to ensure that only people we authorize can run the add-in (e.g., the Microsoft app store reviewers).
- We need to link logs to people for debrief interviews.
- We want to avoid maintaining our own password database (i.e., federated auth is ideal).
The work is split over two branches:
- the
auth0branch addresses the restrictions of the Word dialog API, e.g., using a popup.jsx. See https://github.com/AIToolsLab/writing-tools/blob/auth0/add-in/src/pages/login/index.tsx -- but it doesn't use the React client library, and incorrectly handles the access tokens (i.e., backend doesn't work) - the
devbranch uses the React client library to do the right thing regarding access tokens, but doesn't actually play right by the restrictions of the Word dialog API. https://github.com/AIToolsLab/writing-tools/commit/6bc14bc3885ef188d74ffb58838d2441ae490964
Enable SSO in an Office Add-in using nested app authentication - Office Add-ins | Microsoft Learn
- https://github.com/OfficeDev/Office-Add-in-samples/blob/main/Samples/auth/Office-Add-in-Microsoft-Graph-React/utilities/office-apis-helpers.ts#L38
- https://techcommunity.microsoft.com/t5/microsoft-entra-blog/microsoft-entra-external-id-public-preview-developer-centric/ba-p/3823766
- https://learn.microsoft.com/en-us/entra/identity-platform/msal-acquire-cache-tokens
- https://www.npmjs.com/package/@azure/msal-react
- https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-react/docs/getting-started.md
- Quickstart - Add app authentication to a web app - Azure App Service | Microsoft Learn