Does 365 single sign on to an app that is not part of Microsoft services, count as a third party integrated application?

Question

Hi team,

I am currently doing a research about third party application within our organization and one of the topic is "Ensure third party integrated applications are not allowed (Manual)". I am currently listing all of our applications in Intune and putting them in a list/table on which apps has integrations with our 365 accounts.

We have multiple applications that can be used for single sign on such as 8x8 application. 8x8 has a single sign on feature for our Microsoft accounts, does that count or fall under the "Third Party"? I think the answer is no as single sign on as a different feature? any help would be greatly appreciated.

Answer 1

Hello

Maybe can help you with your question:

1. Third-Party Applications: Generally, third-party applications are those that are developed by an entity outside your organization and are not natively included within your primary software systems. They might require access to your data or services to function effectively.
2. Single Sign-On (SSO): SSO is a user authentication process that allows a user to access multiple applications with one set of login credentials. An application that supports SSO for Microsoft accounts (like 8x8) is often not considered a "third-party application" solely because it supports SSO, as long as it operates under the guidelines established by your organization and has proper security measures in place.

The classification of 8x8 as a third-party application depends on its overall access to organizational data and how it operates with Microsoft 365 services. If it is an external application that utilizes SSO but otherwise connects to or integrates with Microsoft resources, it may still fall under the umbrella of "third-party" applications. Therefore, it would be wise to include it in your list along with any necessary details about its integration and access permissions.