|Service||Microsoft Docs article||Related commit history on GitHub||Change details|
|platform||Auth Aad Sso||https://github.com/MicrosoftDocs/msteams-docs/commits/master/msteams-platform/tabs/how-to/authentication/auth-aad-sso.md||
This section describes the tasks involved in creating a Teams tab that uses SSO.> * Only user-level Graph API permissions are supported that is, email, profile, offline_access, OpenId. If you must have access to other Graph scopes such as `User.Read` or `Mail.Read`, see [recommended workaround](#apps-that-require-additional-graph-scopes). > * It is important that your application's domain name is the same as the domain name you have registered for your AAD application. > * Currently multiple domains per app are not supported.
-> * Applications that use the `azurewebsites.net` domain are not supported as it is too common and can be a security risk.**To register your app through the AAD portal**