Pages Menu

Posted by on Mar 2, 2017 in Development, Office365, Skype for Business® (Lync®)

(Part of the) Skype for Business Online New Trusted Application API is now in Public Preview!

(Part of the) Skype for Business Online New Trusted Application API is now in Public Preview!

OK. I think I’ve got it and I think I understand what’s going on. It’s been a few days, and I’ve sat on my hands because I wanted to completely understand everything before I wrote it here, and I wanted to make sure I wasn’t breaching any NDAs. I’ve also asked around some folks at Microsoft for clarification. I don’t have all the answers back yet so this information might change, but this is what I know today. Microsoft folk: if you would like to clarify/correct any of this, please reach out on the usual channels. 🙂

You can read the announcement here, but be warned that it doesn’t actually mention “Trusted Application API” anywhere.

Last week, Microsoft released a new set of templates aimed at the healthcare market. What was interesting about those templates was that the functionality they describe couldn’t be achieved without some extra technology not previously available. It’s that technology which is moving into Public Preview today.

That functionality is called Dynamic Guest Access. And that functionality is offered as part of the Trusted Application API. But, it’s only the Dynamic Guest Access part of the Trusted Application API which is being made Public Preview.

Clear? OK, let’s dig into it in a bit more detail.


In October 2016, as MS Ignite, Microsoft first publicly mentioned the Trusted Application API. I wrote about it then and there are some good slides and detail about the problems it solves. At that time we were told it would be coming to Skype for Business Online first, with on-premises solutions being offered later. In fact, there was even a timeline slide:

It seems that we’re now starting to see the fruits of all the effort that started even before MS Ignite 2016 and have been continuing over the winter months.

Bringing us up to date, what I think we’re seeing is that rather than releasing an entire API, 100% complete, delivered as a fait accompli with a bow on, the Platform Team are instead choosing to focus on the most useful, most demanded functionality first and releasing it as soon as it’s ready, before concentrating on the next most important feature, and so on. This agile method of delivery certainly gets my vote because it means we can all start using the most requested features sooner.

Microsoft have a focus on healthcare that extends way beyond Skype for Business so this is clearly an important area for them. It’s my guess that they identified what functionality they would need to deliver a really compelling set of healthcare templates and targeted those features in the API first, hence leading to the Public Preview of Dynamic Guest Access.

Dynamic Guest Access

So, what actually is Dynamic Guest Access?  It’s essentially two Skype for Business features: scheduling a meeting, and authorising guest users securely allowing them to anonymously join the meeting.

If you’re thinking “is that it?”, well – you need to take into account as well that these two features are offered as a REST-based API which can run as a web service in Azure (or any other Cloud) and can talk to Skype for Business Online. That’s all new capability we didn’t have before this announcement.

That also means you have (just) enough features to create a fully functional Business-to-Consumer (B2C) scenario where the business sets up a secure meeting area (a Skype for Business conference), brings in people from the business (maybe who use the Skype for Business client), then exposes a secure link to a customer to allow them to join the meeting anonymously, either over the web or using a mobile application (courtesy of the Skype for Business App SDK). In fact, that’s exactly the scenario offered by the health care templates!

We need to work on naming, but with the release of the Trusted Application API (Dynamic Guest Access) – TAA(DGA) – Tagda? – we can start to see the long-term vision the Skype for Business Platform Team have had becoming a reality. Now, for the first time you can have a fully cloud-hosted end-to-end customer service / remote advisor / B2C scenario using native Skype for Business technology. It’s a huge step forward, and really exciting. There are a lot of organisations who have Skype for Business on-premise but can’t move to Office365 because they are reliant on UCMA applications (which can’t run in Skype for Business Online). Over time, expect to see solutions ported over to use this new API, and organisations transitioning to the cloud as a result.


One of the great things that’s changed at Microsoft over the past 18-24 months is that there’s been a real opening up of how information is distributed, using popular established (and non-Microsoft) tools. For instance, all the documentation for this API is on GitHub, where it can more easily be kept up to date, changes tracked, corrections submitted etc.  The root of the documentation is: but here are a couple of good landing places I hope you’ll find useful as you explore these new features:

Samples are here. There are two samples: a very simple console application and a more involved sample which shows how to schedule a meeting and manage anonymous sign-in.

Here’s a good Overview of the API which goes into some detail about the overall aims of the API and key use cases

Once you want to start developing your first API application, this page will take you through the registration process. This is non-trivial, because you need to authorise your application against your Office365 tenant to give it the permissions it needs to work with Skype for Business. There’s a really good (and detailed) explanation of how to setup a Trusted Application Endpoint in Skype for Business Online using PowerShell!

Not only are Microsoft using GitHub, they’re also using NuGet! You can add the SDK for this API to your project using Install-Package Microsoft.SkypeforBusiness.TrustedApplicationAPI.SDK -Pre:

Note that this is still pre-release (as it’s not GA), so you’l need to use the -Pre flag, and if you’re using the visual NuGet Package Manager then you’ll need to make sure to include Pre-release packages.

Written by Tom Morgan

Tom is a Microsoft Teams Platform developer and Microsoft MVP who has been blogging for over a decade. Find out more.
Buy the book: Building and Developing Apps & Bots for Microsoft Teams. Now available to purchase online with free updates.


  1. I have used Skype web APIs for “Skype for business” but I am not able to login, I am trying using steps of “” blog.
    First I have call and its give me “xframe” and “redirect” URLs. After that I have call the redirect URL and its give me “user” and “xframe” URLs.

    Please guide me after then what OAuth URL I can use for User authentication.

  2. Will there be a nuget package of “Microsoft.SkypeForBusiness.TrustedApplicationAPI.SDK” for .Net Core?
    Looking to use with services built on Asp.Net Core 2.0 (.Net Standard 2.0).

  3. Hi Tom,

    Will there be any way to get conversation logs with Trusted Application API ?

    Can you share the sample with us ?

Post a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.