A repo and NPM package for Office.js, corresponding to a copy of what gets published to the official "evergreen" Office.js CDN, at https://appsforoffice.microsoft.com/lib/1/hosted/office.js.
Microsoft has released additional Conditional Access Policies for personal devices, allowing organisations to prevent copying/pasting of Outlook emails when using personal devices.
Two controls cause an issue , one to block copy and paste and the other to block downloads.
If either of these policies are in place and active, a user cannot sign into the add-in as the login redirect to the Single-Sign-On service never completes successfully, resulting in a blank page and no way to sign in.
Hi @carlosb1504 apologies for the delay in response on this. Can you please check if in your XML manifest and if adding the .mcas.ms suffixed URL helps resolve the issue?
Summary
Users are unable to SSO log into addin using personal devices when Microsoft MCAS policies are in place
Your Environment
Expected behavior
Users can log into addin using personal devices when Microsoft MCAS policies are in place
Current behavior
Users can't log into the addin with SSO. Fails due to the SSO redirect not having the .mcas.ms
Steps to reproduce
User can Initialise SSO login by signing in via the taskpane or by sending an email that would prompt the user to sign in.
Provide additional details
Context
Microsoft has released additional Conditional Access Policies for personal devices, allowing organisations to prevent copying/pasting of Outlook emails when using personal devices.
Two controls cause an issue , one to block copy and paste and the other to block downloads.
If either of these policies are in place and active, a user cannot sign into the add-in as the login redirect to the Single-Sign-On service never completes successfully, resulting in a blank page and no way to sign in.