Outlook addin same origin policy RRS feed

  • Question

  • I am developing an addin for outlook that is deployed on lets say "" for company abc. 

    Now abc company also has a domain "". So, my app deployed at "" needs to redirect to "" for getting the credential and validating the user.

    Am i making a valid request. I ask this question because I am reading the security policy of microsoft and below is the paragraph which bothers me.

    Can anyone help please.

    From MS guid:

    Because Office Add-ins are webpages that run in a web browser control, they must follow the same-origin policy enforced by the browser: by default, a webpage in one domain can't make XmlHttpRequest web service calls to another domain other than the one where it is hosted.

    Monday, April 2, 2018 2:07 PM

All replies

  • Hello rhtsingh28,

    According to your description, you are developing an Outlook Add-ins using Office Javascript API rather than an VSTO add-in.

    For issue of Office Add-ins, please refer to below thread to post it to StackOverflow.

    Post Outlook Add-ins questions to StackOverflow.

    Best Regards,


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact

    Tuesday, April 3, 2018 10:02 AM