Tom Talks Microsoft Teams and Microsoft 365 news and opinions

Modern Authentication for Microsoft Teams Rooms

Modern authentication is a Microsoft umbrella term for a combination of secure authentication and authorization methods between a client and a server. This might include a PC or a phone.

It includes:

  • Authentication methods: Multi-factor authentication (MFA); smart card authentication; client certificate-based authentication
  • Authorization methods: Microsoft’s implementation of Open Authorization (OAuth)
  • Conditional access policies: Mobile Application Management (MAM) and Azure Active Directory Conditional Access

Modern authentication is on by default in the following:

  • Exchange Online
  • Microsoft Teams
  • Skype for Business Online
  • SharePoint Online (for new tenants)

For tenants created before August 1, 2017, modern authentication is off by default for Exchange Online and Skype for Business Online.

Modern Authentication with Microsoft Teams Rooms

Modern authentication

When using modern authentication with the Microsoft Teams Rooms application, Active Directory Authentication Library (ADAL) and OAuth 2.0 connects to Microsoft Teams, Exchange, and Skype for Business.

Modern Authentication support is available in MTR version 4.4.25.0 which will roll out to all customers within this month. Release notes here

Microsoft Teams Rooms are shared devices. They self perform a nightly reboot to ensure smooth functioning and to get a critical operating system, driver, firmware, or application updates.

Therefore, Microsoft Teams Rooms resource accounts shouldn’t be configured to use multi-factor authentication (MFA), smart card authentication, or client certificate-based authentication (which are all available for end-users).

This mechanism uses the resource owner password credentials authorization grant type in OAuth 2.0, which doesn’t require any user intervention.

Full details: Authentication in Microsoft Teams Rooms

Microsoft Teams Rooms and Intune

You can also enroll Microsoft Teams Rooms in Microsoft Intune and apply compliance policies by using the guidance provided in Managing Teams Meeting Rooms with Intune.

Reference:

Hybrid overview and prerequisites for using it with on-premises Skype for Business and Exchange servers

About the author

Tom Arbuthnot

A Microsoft MVP and Microsoft Certified Master, Tom Arbuthnot is Principal Solutions Architect at Microsoft Collaboration specialists Modality Systems.

Tom stays up to date with industry developments and shares news and his opinions on his blog, Microsoft Teams Podcast and email list. He is a regular speaker at events around the world.

Add comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Tom Talks Microsoft Teams and Microsoft 365 news and opinions