Hoxhunt button presents domain trust dialog to users in On-premises Exchange server's OWA

When using Hoxhunt button in OWA that is hosted on an on-premise Exchange Server 2019, 2016 or 2013, users may be presented with a dialog asking to trust the mail server where their Outlook Web Access is hosted.

 

Error description

An embedded page at appsforoffice.microsoft.com says

The domain [mail.example.com] is acting as Microsoft Office and can run Office add-ins, which may access your personal data. If you trust the domain to run as Office and access your data, click OK to continue.

Domain_acting_as_MSO.png

Explanation

According to Microsoft, this behaviour is by design.

When you block third-party cookies in a web browser, you may be continually prompted to trust a particular add-in even though you keep selecting the option to trust it. This issue occurs also in privacy window modes (such as InPrivate mode in Microsoft Edge). This issue occurs because browser restrictions prevent the response from being recorded.

 

Resolution

To record the response and enable the add-in, you must enable third-party cookies for the domain that's hosting OWA or Office Online Server in the browser settings. To enable this setting, refer to the specific support documentation for the browser.

 

Related external articles

https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-october-13-2020-6090c465-4c1a-45da-78ce-e8eb46b571f1

https://github.com/OfficeDev/office-js/issues/4055

Was this article helpful?

1 out of 1 found this helpful

Have more questions? Submit a request