Open HugoLd opened 2 weeks ago
Hi @HugoLd, to address the issue with SSO with 3P cookie blocking in the browser, please refer to the following article: https://devblogs.microsoft.com/identity/managed-devices-for-blocked-third-party-cookies/
Also, a long-term solution you can also explore nested app authentication (NAA) - the details are here: https://learn.microsoft.com/en-us/office/dev/add-ins/develop/enable-nested-app-authentication-in-your-add-in
@shighosh-msft the NAA looks good but not yet available on the new outlook(one of our main target) and it's suggested not to use it in production for now. As I am reading, I see that chrome started their next phase (disabling third party cookies for all users) on Q3, so it looks like we are running out of time to migrate. Do you have any informations about the planned timeline to support the new outlook ? Just to know if it's a matter of weeks and we should wait or if we have to find something else. The other link didn't seem very suitable for our needs.
Hi @HugoLd We have rolled out support for NAA on New Outlook from 7th October.
This issue has been automatically marked as stale because it is marked as needing author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment. Thank you for your interest in Office Add-ins!
Provide required information needed to triage your issue
I created an add-in (using the new integrated spam reporting feature) on which I need SSO to work.
I configured properly the WebApplicationInfo and everything works fine on most people's browser, but after some clients complaints, I investigated and found out some browsers block third-party cookies by default(brave, but chrome plan to do it by default as well). I'm able to reproduce the problem in chrome when I disable manually the third-party cookies,
As chrome is the main browser and plan to disable them by default, I'm worried about the future of this add-in.
Any workaround ?
Your Environment
Any browser with disabled third party cookies
Expected behavior
Have a way to manage SSO on browser refusing third-party cookies
Current behavior
Authentication doesn't work
Steps to reproduce
Disable third party cookies in the browser Setup an outlook add-in with WebApplicationInfo and call Office.auth.getAccessToken
Context
Some of my users are unable to use the add-in(I can't make them enable third-party manually), but likely in the next years no users will be able to use it anymore. Could be link to this ticket : https://github.com/OfficeDev/office-js/issues/2993
Useful logs