OfficeDocs-SkypeForBusiness icon indicating copy to clipboard operation
OfficeDocs-SkypeForBusiness copied to clipboard

Published 20 hours ago verified publisher icon MicrosoftDocs

Documentation is not clear regarding "Allow interaction with custom apps" org-wide setting

Open orandev opened this issue 2 years ago • 0 comments

Hello, "Allow interaction with custom apps" description in the Teams admin center and in the docs.microsoft.com page is not clear, based on what we saw by testing the 2 values for this setting (or we do not have the same definition of "Custom App"). Our use case was to forbid users from chatting with externals bots by deeplink (bot apps not uploaded to our tenant by a Teams admin, i.e. this feature: https://learn.microsoft.com/en-us/microsoftteams/platform/bots/how-to/debug/locally-with-an-ide#talk-to-your-bot-directly-by-id ; deeplink is like "https://teams.microsoft.com/l/chat/0/0?users=28:< GUID >"), but to allow them to use apps uploaded by a Teams admin in the "Manage apps" page of the Teams admin center (upload of a zip file). And this can be done only by setting "Allow interaction with custom apps" to "Off", which is counter-intuitive and does not correspond to what is in the documentation, according to me.

You say: "The Allow interaction with custom apps org-wide custom app setting on the Manage apps page applies to everyone in your organization and governs whether they can upload or interact with custom apps. This setting acts as a master on/off switch for the user and team custom app policy settings. It's intended to serve as a master on/off switch during security events." I think you should say: "The Allow interaction with custom apps org-wide custom app setting on the Manage apps page applies to everyone in your organization and governs whether they can upload or interact with custom apps (it does not govern interaction with custom apps uploaded by a Teams Service Admin or a Global admin). This setting acts as a master on/off switch for the user and team custom app policy settings. It's intended to serve as a master on/off switch during security events."

You say: "Interaction with all custom apps is blocked for your organization" I think you should say: "Interaction with all custom apps is blocked for your organization. Interaction with custom apps uploaded by a Teams Service Admin or a Global admin is still allowed, if the custom app has the 'Allowed' status."

Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

orandev avatar Sep 19 '22 08:09 orandev