Research
/Security News
Shai Hulud Strikes Again (v2)
Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.
By Socket Research Team -  Nov 24, 2025
🚨 Shai-Hulud Strikes Again:More than 500 packages and 700+ versions compromised.Technical Analysis →
office-addin-sso
Advanced tools
office-addin-sso
Configure SSO for Office Addin project and provide SSO authentication service.
Office-Addin-SSO
This package provides the ability to register an application in Azure Active Directory and infrastructure for implementing single sign-on (SSO) taskpane add-ins.
Command-Line Interface
configure
Configure an application in Azure Active Active Directory with necessary permissions and scopes to allow for making GraphApi calls on behalf of the logged-in user.
Syntax:
office-addin-sso configure <manifest> [secret-ttl]
manifest: path to manifest file.
secret-ttl: time to live for the secret used in the Azure app registration, in days. Default is 60 days.
start
Start the single sign-on service that listens for calls from the taskpane make Graph API calls using the Graph token generated by the taskpane add-in
Syntax:
office-addin-sso start <manifest>
manifest: path to manifest file.
Keywords
FAQs
Configure SSO for Office Addin project and provide SSO authentication service.
The npm package office-addin-sso receives a total of 1,576 weekly downloads. As such, office-addin-sso popularity was classified as popular.
We found that office-addin-sso demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 04 Nov 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Webhook Events for Alert Changes
Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.
By Phil Gates-Idem -  Nov 21, 2025
Security News
ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem
ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.
By Sarah Gooding -  Nov 21, 2025