# Authentication ## Authentication in Secure Contacts App (SCA) Secure Contacts App (SCA) utilizes **Microsoft Authentication Library (MSAL)** to securely authenticate users via **Azure Active Directory (AAD)**. This authentication framework ensures that only authorized users can access the app, safeguarding both personal and organizational contact data. #### Enterprise Application in Your Tenant SCA is **registered and consented as an enterprise application in your Azure AD tenant**. This configuration enables your organization to: * Control which users have access to the app * Manage permissions and access centrally * Enforce organizational security and compliance policies Once the application is consented, user authentication is handled through your tenant, ensuring secure and controlled access. For detailed guidance on registering and consenting the enterprise application, refer to the [Enterprise Application documentation](/documentation/authentication/enterprise-application.md). {% hint style="info" %} SCA App ID: “Provectus - Secure Contacts” is 20429334-d869-476e-8a65-ea300a327985. {% endhint %} #### User Authentication Authenticated users gain access to both personal and organizational contacts. MSAL facilitates secure communication between the app and Azure AD, providing a consistent login experience across platforms. #### Security Enhancements * **Conditional Access**: Enforces requirements such as compliant devices or multi-factor authentication for secure access. * **App Protection Policies (MAM)**: Protects organizational data on both managed and BYOD devices. #### Platform Consistency SCA employs the same authentication flow for **iOS** and **Android**, ensuring uniform security and functionality across devices. ### Best Practices * Ensure the [SCA enterprise application](/documentation/authentication/enterprise-application.md) is properly **registered and consented** in your tenant. * Align [Conditional Access](/documentation/authentication/conditional-access.md) and App Protection Policies with your organization’s security requirements. * Maintain consistent authentication configurations across all devices. * Monitor authentication logs to detect and address potential issues promptly. ### Summary Authentication in SCA combines the security of Azure AD, MSAL, and enterprise controls to protect access and data. Utilizing a **registered and consented enterprise application** ensures that your organization retains control over access, permissions, and compliance policies. The following chapters will cover: 1. [How to import and consent the SCA enterprise application](/documentation/authentication/enterprise-application.md) 2. [How to configure Conditional Access policies](/documentation/authentication/conditional-access.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.secure-contacts.com/documentation/authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.