LogoLogo
Provectus Technologies GmbH
  • Introduction
    • Secure Contacts App (SCA) - Safe & GDPR Compliant
    • Technical / Security Overview
    • Editions
    • Requirements
  • Quickstart Guide
    • iOS (MAM) - Steps to activate SCA in your Entra Tenant
      • Step 1 -MAM- Register Enterprise App
      • Step 2 -MAM- Add App Protection Policy
      • Step 3 -MAM- Add Conditional Access Policy
      • Step 4 -MAM- Add App Configuration Policy
    • iOS (Intune Managed Device) - Steps to activate SCA in your Entra Tenant
      • Step 1 -MDM- Register Enterprise App
      • Step 2 -MDM- Add App Protection Policy
      • Step 3 -MDM- Add Conditional Access Policy
      • Step 4 -MDM- Add App Configuration Policy
    • Android (Android Enterprise) - Steps to activate SCA in your Entra Tenant
      • Step 1 -AE- Register Enterprise App
      • Step 2 -AE- Add App Configuration Policy
    • Android (aMAM) - Steps to activate SCA in your Entra Tenant
      • Step 1 -aMAM- Register Enterprise App
      • Step 2 -aMAM- Add App Configuration Policy
      • Step 3 -aMAM- Add App Protection Policy
      • Step 4 -aMAM- Add Conditional Access Policy
    • Additional Datasource for SCA
    • Best-Practice Guide for SCA
  • Enduser guide
    • iOS - Onboarding SCA
    • iOS - activate Caller Identification
    • iOS - Userguide
    • iOS - App Manual
      • Contacts page
      • Contacts Sync
      • Contact information
      • Contact settings menu
      • Side menu
      • Logviewer
      • Help menu
      • vCard
    • Android Enterprise - Userguide
  • Documentation
    • Authentication
      • Enterprise Application
      • Conditional Access
        • CA with SCA - Require Complaint Device
        • SCA with CA - Require App Protection Policy
    • Deployment SCA
      • iOS - App Installation
      • Android - App Installation
      • App Configuration
        • iOS - MobileDeviceManagement (MDM) protocol
        • Android - App Restrictions
        • AppConfigurationPolicies
          • iOS - App Configuration Policies - MAM Integration in Microsoft Intune
          • Android - App Configuration Policies - MDM Integration in Microsoft Intune
      • App Protection Policy - Integration in Microsoft Intune
        • APP - unmanaged Devices
        • APP - managed Devices
        • Requirement - Open phone-settings
        • Requirement - Open Maps app
        • Requirement - Open GoogleMaps app
        • Requirement - Open WebExTeams
        • Requirement - Open WhatsApp
        • Requirement - Open Facetime
        • Requirement - Open email-link from SCA in Outlook
      • Deployment for your Devices in Intune
        • Deployment iOS - MAM-WE - APP only
        • Deployment iOS MDM - Managed & Complaint Device
        • Deployment iOS MDM - Managed Device & APP
        • Deployment Android MDM - Managed Device
    • App Configuration Policy -Name/Values for SCA
      • SCA Configuration - SecContacts.Defaults
      • SCA Configuration - SecContacts.Licenses
      • SCA Configuration - AAD filters
      • SCA Configuration - AAD groups
      • SCA Configuration - Connect additional Datasource
      • SCA Configuration - Custom Datasource Names
      • SCA Configuration - CI Customization
    • Data Sources
      • AAD - Azure Active Directory
      • GAL - Global Address List
      • APC - Personal Outlook Contacts
      • D365 - Dynamics 365
      • DVRS - Dataverse
      • ABS - Azure Blob Storage
      • SMC - Shared Mailbox Contacts
    • Valid phone numbers for SCA
    • iOS and Android version of SCA in comparison
  • Additional Information
    • Troubleshooting
    • Frequently Asked Questions (FAQ)
    • Phone number handling defaults changed in release v2.0.19
    • Links
    • Product Page - Secure Contacts App
Powered by GitBook
On this page

Was this helpful?

  1. Documentation

Authentication

Authentication of SCA is based on Microsoft Authentication Library (MSAL).

It allows authentication and acquire tokens from Azure Active Directory (AAD) to access company data. MSAL is used to log in to the SCA against the Microsoft Azure AD Enterprise App “Secure Contacts App” using a AAD account. This Azure Enterprise App is basically the service principal for SCA in your tenant. It is the local representation of the global application object of SCA. In terms of authentication, the Enterprise App acts as a trusted client that can authenticate users and request tokens on their behalf.

In other words, it defines what the app can actually do in your tenant, who can access the app, and what resources the app can access.

App ID: “Provectus - Secure Contacts” is 20429334-d869-476e-8a65-ea300a327985.

The configuration of Azure AD Authentication and user account security (password, login factors, etc.) is done by you. So you decide which account security configuration is to be made. Microsoft Conditional Access is used to control which devices can use the app. This makes it possible to decide, that e.g. the app is only be used on company-owned devices, devices managed via MDM, or private devices.

We recommend to use App Configuration Policy & App Protection Policy in Intune and additionally enforce your Configuration via Conditional Access.

The configuration of the Microsoft Conditional Access Policies is done by you. You are able to decide about the configuration, e.g. which users access is allowed or not.

We only make recommendations in this regard.

Last updated 9 months ago

Was this helpful?