Authenticate users in Microsoft Teams
To access user information protected by Azure Active Directory (AAD) and to access data from services like Facebook and Twitter, the app establishes a trusted connection with those providers. If the app uses Microsoft Graph APIs in the user scope, authenticate the user to retrieve the appropriate authentication tokens.
In Teams, there are two different authentication flows for the app. Perform a traditional web-based authentication flow in a content page embedded in a tab, a configuration page, or a task module. If the app contains a conversational bot, use the OAuthPrompt flow and optionally the Azure Bot Framework's token service to authenticate a user as part of a conversation.
Web-based authentication flow
- Add authentication to the Teams bot describes how to use web-based authentication flow with a conversational bot.
- Authentication flow in tabs describes how tab authentication works in Teams. This shows a typical web-based authentication flow used for tabs.
- AAD authentication in tabs describes how to connect to AAD from within a tab in the app in Teams.
- Silent authentication AAD describes how to reduce sign-in or consent prompts in the app using AAD.
The OAuthPrompt flow for conversational bots
The Azure Bot Framework’s OAuthPrompt makes authentication easier for apps using conversational bots. Use Azure Bot Framework's token service to assist with token caching.
For more information on using OAuthPrompt, see:
- Bot authentication flow overview describes how authentication works within a bot in the app in Teams. This shows a non-web-based authentication flow used for bots on Teams web, desktop app, and mobile apps.
- Bot authentication describes how to add OAuth authentication to the Teams bot.
provides Bot authentication v3 SDK sample.
|Bot authentication||This sample shows how to get started with authentication in a bot for Microsoft Teams.||View||View||View|
Configure the identity provider
Regardless of the app's authentication flow, configure the identity provider to communicate with the Teams app. Most samples and walkthroughs primarily deal with using AAD as the identity provider. The concepts, however, apply regardless of the identity provider.
For more information, see configuring an identity provider.