Outlook Add-in Web App could be hosted in Cloud(AWS) but what's the authentication mechanism to make Web App secured in cloud and not accessible by any unauthorized Users by directly accessing URL of Web App.
Manifest.xml has 'SourceLocation' element to specify URL of default landing page but no provision to explicitly define authentication.
It would be appreciable if could share what configuration, Authentication and best practices to be implemented while hosting Web App hosting in AWS for following best security practices.