Connecting AssistMyTeam Apps to SharePoint with Office 365 account enabled with Multi-Factor Authentication (MFA)
If your admin has set up 2-step verification or multi-factor authentication (MFA) on your Office 365 account, and you’re trying to connect AssistMyTeam add-in to your SharePoint Online site, you may get the following error message in the login dialog box of the add-in if you use your Office 365 account password.
REASON: When MFA is enabled on Office 365 accounts, users are required to acknowledge a phone call, text message, or app notification on their smart phones after correctly entering their passwords. They can sign in only after this second authentication factor has been satisfied. However, for client apps such as AssistMyTeam Add-ins, this creates an overhead for users. This is where an app password comes into use. An app password is a code that gives an app or device permission to access your Office 365 account and bypass the multi-factor authentication and continue to use their application.
There are two parts to enable app password.
Part 1 – Set up Multi-Factor Authentication for Office 365 users
This is done by the administrator. Sign in to Microsoft 365 Admin Center and go to ‘Active Users’ section under ‘Users’.
And click ‘Multi-factor authentication‘ as outlined in the screenshot above.
And from the ‘multi-factor authentication’ page, choose each or multiple users and click ‘Enable‘ link to activate and enable multi-factor authentication (MFA) for the selected users.
Additionally, if MFA was already enabled, and if the ‘Enforce‘ option link appears, click it as well. If it does not appear, skip this step.
After enabling the MFA for the users, the ‘MULTI-FACTOR AUTH STATUS‘ column of the users list should show ‘Enabled‘ (something like in the below screenshot):
Additionally, click on the ‘service settings‘ section on the top portion.
And make sure the option ‘Allow users to create app passwords to sign in to non-browser apps‘ is selected under ‘app passwords’ section (see screenshot below).
Part 2 – Generating an app password by user
Click My Account > Security info tab.
From the ‘Security Info’ section, click on ‘+ Add sign-in method‘ as shown below:
This will prompt you to choose a method of the sign-in to be added. From the drop down, choose ‘App password‘.
And then confirm by clicking ‘Add’ button.
You will be again prompted to specify and give a name to your App password for identification.
For instance, we can give a meaningful name such as ‘helpdesk sign in’ for easy remembrance and identification.
Click the ‘copy‘ icon next to the password to copy password to clipboard. You won’t need to memorize this password.
Finally, in your ‘Security Info’ section, a new sign-in method ‘App password’ should be added with the name you had specified in the earlier step.
Now that you have the App password generated, it is ready for use with the AssistMyTeam Apps. From your Outlook, go to the AssistMyTeam add-in that you want to connect to SharePoint Online with your Office 365 account. When prompted to enter a password, paste the app password in the box. And don’t forget to check ‘remember’ option (bottom section) so that you don’t have to perform the same steps over and again.