Know about the testing done by Microsoft for all Teams apps
Microsoft requires an app to pass mandatory and strict validation tests before listing it in the AppStore for users to use. The testing applies to all apps in the Teams app store. In addition, Microsoft strongly encourages app developers to participate in an optional certification of apps that indicates enhanced compliance, security, and privacy controls.
All the apps are mandatorily required to adhere to the Microsoft App Certification policies. The Teams store team performs more than 400 tests to ensure that the apps are usable and adhere to high standards of privacy and security.
To know the detailed validation guidelines that app developers adhere to, see Validation guidelines for developers. The guidance is based on the Certification policies for Teams apps.
Note
Validation and checks by Microsoft are available only for app available in the app store and are not available for custom apps. App developers submit these apps within for use in their organization or provide these app to be used in a customer's tenant.
App validation and testing
We execute 400+ test cases for every app before it's made available on the Teams Store. The tests ensure appropriate functionality, user experience, and security, and ensure that all apps comply with the publicly listed CMO policies. Following are some of the tests carried out by Microsoft App Validation team for every app before it's published:
- Ensure that Graph permissions requested by the app are really the ones that the app functionality needs and not any extra permissions. Graph permissions for existing apps are regularly checked to ensure that apps don't require extra permissions.
- Apps that require users to sign in have a sign-out option.
- Developers of all apps undergo a detailed verification process on Microsoft Partner Center. The verification includes email verification, business verification and more. To know more about app publishing, see How developers create a Partner Center account, Submission guide for developers, and How developers publish apps.
- Only apps from verified developers can seek Graph permissions from users.
- No app can download an executable file.
- Apps are tested to not contain ads, promotion for other apps.
- Apps are tested to be work appropriate with no offensive language, cyber-attack bots, spam, or scam content.
- All links in an app are functional and related only to the app offering.
- We test and evaluate all the published Teams app regularly as part of app store health checks.
- Privacy policy and Terms of use that cover Teams apps are provided by the app developer.
- The contact details of the app developer are available in the store listing and on their respective Publisher attestation pages.
In addition, Microsoft encourages the app developers to participate in its compliance program that is a rigorous, two-tier approach to ensure app quality, security, and compliance. Teams store has hundreds of apps that go beyond fulfilling the already detailed validation guidelines and comply with these programs.