Thursday, 5 January 2017

Inconvenient license verification in Office Store


A Licensing validation challenge

I have a single non-free add-in listed on the office store, I noticed that once the add-in trail is over it will still function as a full version. The Office store licensing framework won't remove the add-in from the user's available add-ins.

It's totally up to the add-in developer to limit the functionality of the add-in using store license verification endpoint.

The license token is issued and passed to the add-in as a query parameter ?et, you can easily get the license token which will be a base64 encoded in the case of Office Add-ins and URL encoded in outlook add-ins case.







Interestingly enough, if you are using outlook web app the license token parameter will always be an empty string which is a known issue as Humberto Lezama pointed out on this StackOverflow thread

after I dive into the code, I find out that the reason for this is the token is never retrieved only the the add-in manifest file is retrieved as the script mistaken the store type to be "Exchange" instead of "OMEX" (Office Marketplace Experience)


tracing back store type value, i find out that it has been set as hardcoded value in https://r1.res.office365.com/owa/prem/16.1569.8.2186260/scripts/microsoft.owa.extensibilitynext.js
as Exchange regardless of the source of the add-in




However, by correcting the value to omex I faced the below error



Build your own licensing model 

Instead of relying on the Office store licensing model you can list your add-in as a free add-in on the Office store and build your own licensing model.
building your own licensing framework is not an uncommon practice, one of the most popular apps on the store -Nintex Workflows for Office 365- is using a similar approach.


Related Articles