The latest update for the Teams admin center includes the ability to manage the permissions used by third-party apps to access data via the Microsoft Graph. The updates also include the ability to manage resource specific consent (RSC) for Teams apps. While third-party apps ate the obvious target, LOB apps created by tenants are managed in the same way.
The Teams Admin Center now includes a Manage Apps page to allow administrators to view the complete inventory of apps available to Teams. Administrators can decide if they want to make apps available to users via Teams app setup policies or block the installation of apps. Each app has a publisher and certification status, but not many apps have been through the full “Microsoft 365 certified” process, including many of Microsoft’s own apps.
Teams App Security policies now include an Allow user pinning setting, which controls the ability ot users to pin apps to the left-hand navigation rail. The setting is enabled by default and probably can stay that way in most circumstances. Guest users don’t get to pin anything because their accounts are not policy-controlled.
Teams App Setup policies allow tenant administrators to modify the set of apps shown in the Teams navigation bar,. You can add your own apps and move apps around and then assign policies to select groups of users individually or using PowerShell. This is part of a set of features designed to make apps more manageable within enterprises. The next step will be Teams app permission policies (not yet available).