What is the simplest way to secure an api called from microsoft teams app

Guy Kedar 1 Reputation point

I am trying to develop a simple microsoft teams tab app, and feel like I'm getting lost in the Microsoft ecosystem.

What would be the simplest way to call an API with an authorization header that includes a token?

My web app, which I want to use for my tab is a next js app hosted on Vercel.

So my ideal flow would be :

Authenticate with the Microsoft teams javascript SDK using

url: window.location.origin + "/auth-start.html",
width: 600,
height: 535,
successCallback: (accessToken: string) => {
failureCallback: (reason) => {

Save the token in my web app, and include it in calls to my backend.

The part that I can't find how to do in any guides is:

On my backend parse the token and get basic info about the user's email, name, and confirmation that he is authenticated.

Microsoft Teams Development
Microsoft Teams Development
Microsoft Teams: A Microsoft customizable chat-based workspace.Development: The process of researching, productizing, and refining new or existing technologies.
2,974 questions
{count} votes