Microsoft has announced that it is introducing a new single sign-on (SSO) service for Office Add-ins. This only applies to the Office on the web interface of Microsoft's suite. The Redmond tech giant has additionally noted that this new service will only be applicable to add-ins being used in Excel, Word, and PowerPoint. This means that Outlook add-ins are currently unaffected.
Microsoft says that the enhancements that this configuration change will bring include improved reliability and support for additional scenarios where Office on the web is used. It is important to note that since this is a new service, organizations using Office Add-ins on the web need to add the following ID to their list of authorized client applications in the Azure portal: 93d53678-613d-4013-afc1-62e9e444a0a5. Meanwhile, organizations which already have the following ID added need not change anything further as this group authorization already includes the newly introduced SSO service: ea5a67f6-b6f3-4338-b240-c655ddc3cc8e. That said, if your backend applications validate specific app IDs, you'll need to make changes there.
Microsoft has cautioned that it will be shifting completely to this new SSO service from February 7, so if you don't update your configuration before then, applications will not use the standard SSO flow, and will instead revert to a fallback, if one is available. Customers who do not make the recommended changes may see error 13005 as the response. As such, it is recommended that organizations which use Office Add-ins on the web should immediately update their authorized app IDs, further details for which can be found here.