External Publication
Visit Post

MC1338817: Microsoft Teams PowerShell: Web Account Manager (WAM) becomes the default authentication broker

Tophhie Cloud Blog June 4, 2026
Source

[What and Why]

We are updating the Microsoft Teams PowerShell module to use Web Account Manager (WAM) as the default authentication broker for sign-in. This change improves security and provides a more consistent authentication experience on Windows.

A new temporary parameter,-DisableWAM, is available in the Connect-MicrosoftTeams cmdlet , allowing admins to bypass WAM for a single connection if it is not supported in their environment.

This change is available starting withpreview version 7.8.1 of the Teams PowerShell module.

[Rollout Schedule]

General Availability (Worldwide, GCC, GCCH, DoD): Rollout will begin inlate June 2026 and is expected to complete inlate June 2026.

[Impact on Your Organization]

Who is affected

  • Admins using the Microsoft Teams PowerShell module on Windows

Platforms/Services

  • Microsoft Teams PowerShell module
  • Windows

What will happen

  • Sign-in for the following scenarios will use WAM as the authentication broker:
    • Interactive sign-in using Connect-MicrosoftTeams
    • Connect-MicrosoftTeams with credential (-Credential)
    • Connect-MicrosoftTeams with AccountId (-AccountId, Integrated Windows Authentication)
  • The following sign-in methods are not affected :
    • Service principal with certificate
    • Managed identity
    • Pre-acquired access tokens
  • A temporary -DisableWAM parameter is available to bypass WAM for a single connection.
  • The -DisableWAM parameter will be removed in a future release.

Known limitations:

  • On macOS, Linux, and Windows versions earlier than Windows 10 or Windows Server 2019, existing authentication behavior remains unchanged.
  • WAM requires an interactive Windows session with UI access.
  • WAM will not work in non-interactive scenarios such as Windows services, scheduled tasks without a logged-in user, or scenarios that run under impersonation.

[Action Required / Recommendations]

  • Review any scripts that use the Teams PowerShell module, especially those running in non-interactive environments.
  • Update scripts if needed to support WAM authentication.
  • Use the -DisableWAM parameter as a temporary workaround if required.

Learn more: Connect-MicrosoftTeams | Microsoft Teams | Microsoft Learn

[Compliance considerations]

No compliance considerations identified. Review as appropriate for your organization.

Discussion in the ATmosphere

Loading comments...