How can I securely host an Office Add-in home.html? RRS feed

  • Question

  • I have been looking into Outlook Add-ins and I am able to create some anonymously hosted home.html files successfully.

    For me to be able to use this for my customers though I will need to be able to host these files securely within their environment.

    I cannot find any articles on MSDN about how to securely host web add-ins for O365 access.

    Where does home.html live securely?

    I have looked into Azure but I am having issues with that -

    Figured I would ask the broader question here to see 1) if anyone could help with my immediate issue and 2) whether or not I was asking the right question.



    Wednesday, November 18, 2015 3:58 PM

All replies

  • Hi Marky,

    >> I am able to create some anonymously hosted home.html files successfully.

    What do you mean with “anonymously hosted home.html”, and what do you mean with “host these files securely within their environment.”? Do you mean you want to add User Authentication before the home.html load? I am not sure what you want with “home.html live securely”.

    >> I have looked into Azure but I am having issues with that -

    How did you use Azure with outlook add-ins? Was this home.html created by yourself or it was created by outlook add-ins? If it was created by you, based on this error situation, I suggest you try to add the code below to the header of Home.html files.

    <script src="" type="text/javascript"></script>

    It would be helpful if you could share us more details about your requirement.

    Best Regards,


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, November 19, 2015 9:43 AM
  • Edward - thanks for the response. My apologies for not being specific enough.

    I used napa development studio to create the basic out of the box example

    I then downloaded the example files and hosted them anonymously on an Azure website.

    I changed the manifest file to point to the home.html, distributed it through Exchange and it worked. I am able to create and distribute an example Add in.

    My requirement is that I want the home.html to be secure. If I am to distribute an addin, within a corporate environment, I may not have the ability to have it available without authentication. (i.e. no anonymous access to the home.html)

    Because the Outlook application needs to download and run the home.html file I have no control over the authentication to download it through the application.

    So my question is really around the securing of the home.html file which Outlook is using for the add-in and the ability for the client or web page to have the user gain access to it.

    The site is now a protected site and the plugin fails - looks like I am getting an oAuth callback loop when it is trying to load

    So if that helps - the question is can I host an Outlook add-in on a site which requires authentication ?

    thanks again


    (I would post images but I need my account verifying)

    Thursday, November 19, 2015 8:35 PM
  • Hi Marky

    The official MS support for Office JS APIs is - contradictorily - on StackOverflow. That's where the engineers monitor the tag: office-js

    Cindy Meister, Office Developer/Word MVP, <a href=""> my blog</a>

    Friday, November 20, 2015 5:26 PM
  • huh - ok thanks - appreciate that - will do :)
    Friday, November 20, 2015 6:57 PM