The Path from Sideload to Store
Publishing to the Teams Store means submitting a validated app package through Partner Center's Teams Store submission flow rather than just distributing a sideloadable zip within one tenant. Microsoft's review team checks the package against functional, security, and content policies before it becomes publicly discoverable, and review typically takes a few business days but can extend for apps requesting sensitive permissions or first-time publishers.
Cricket analogy: It's like the difference between a club-level friendly and getting your team into the IPL auction pool — sideloading is the friendly match, but Teams Store submission means passing a formal vetting process before you're eligible to play on the big stage.
Manifest and Metadata Requirements
The Teams Store requires the manifest to include a short description (under 80 characters) and full description (under 4000 characters), a privacy policy URL and terms of use URL, color and outline icons at 32x32 and 192x192 pixels, and an accurate validDomains list covering every domain the app's tabs or bot actually load content from. Missing or mismatched icons, a privacy URL that 404s, or a validDomains entry that doesn't match the tab's actual content URL are among the most common reasons packages fail automated validation before a human reviewer even looks at them.
Cricket analogy: It's like a player's registration paperwork for a tournament — if the passport photo, visa, and eligibility documents don't match exactly, the board rejects entry before the player even steps onto the field, just as a mismatched validDomains entry fails automated validation.
Publisher Attestation and Certification
Since 2023, Microsoft requires Publisher Attestation for every app submitted to the Teams Store — a self-service questionnaire in Partner Center where the publisher declares how the app handles data, what security practices are followed, and confirms compliance with Microsoft's policies, and this is mandatory even for free apps. Microsoft 365 App Certification is a separate, optional, deeper security and compliance audit (covering things like data handling, application security, and operational security) that unlocks a certification badge in the store listing and is often required by enterprise customers with strict procurement requirements before they'll approve installing a third-party app.
Cricket analogy: It's like every player needing a basic fitness certificate to be eligible for selection (Publisher Attestation, mandatory) versus opting into the more rigorous Yo-Yo test that elite squads use to prove peak conditioning (App Certification, optional but valued).
Submission Workflow in Partner Center
The submission flow is: create or select an app in Partner Center, upload the validated app package (a zip containing manifest.json plus color and outline icons), fill in store listing details (categories, screenshots, support contact), complete Publisher Attestation, and submit for review. Common rejection reasons beyond manifest issues include broken authentication flows that a reviewer can't get past during testing, test or placeholder content left visible in the app, and privacy policy or terms of use documents that don't specifically describe what the app does with Teams data — resubmission after a fix goes through the same review queue rather than a fast-tracked re-check.
Cricket analogy: It's like a player going through selection trials — batting trial, fielding trial, fitness test — in sequence, and if they fail one (say, the reviewer can't complete login), they're sent back to train and re-enter the entire trial process, not just the failed drill.
{
"$schema": "https://developer.microsoft.com/en-us/json-schemas/teams/v1.17/MicrosoftTeams.schema.json",
"manifestVersion": "1.17",
"id": "a1b2c3d4-e5f6-4789-a012-b3c4d5e6f789",
"version": "1.0.3",
"developer": {
"name": "Contoso Apps",
"websiteUrl": "https://contoso.example/about",
"privacyUrl": "https://contoso.example/privacy",
"termsOfUseUrl": "https://contoso.example/terms"
},
"description": {
"short": "Track project tasks without leaving Teams",
"full": "Contoso Tasks lets teams create, assign, and track project tasks directly inside Teams channels and personal chat, with due-date reminders and Adaptive Card status updates."
},
"icons": { "color": "color.png", "outline": "outline.png" },
"validDomains": ["contoso.example", "api.contoso.example"]
}Publisher Attestation is mandatory for every Teams Store submission since 2023, even free apps — budget time in your release checklist for filling out the Partner Center questionnaire before you submit, not after.
A validDomains list that's missing a domain your tab actually loads content from (for example, a CDN or auth redirect domain) will cause the tab to fail silently for reviewers and end users alike — test the exact production build, not a dev build with looser domain rules.
- Teams Store submission goes through Partner Center and requires a validated app package plus store listing metadata.
- The manifest needs short/full descriptions, privacy and terms URLs, and correctly sized color/outline icons.
- validDomains must exactly match every domain the app's tabs or bot actually load content from.
- Publisher Attestation is mandatory for all submissions since 2023; Microsoft 365 App Certification is optional but often required by enterprise customers.
- Review typically takes a few business days but extends for sensitive permissions or first-time publishers.
- Common rejection reasons include broken auth flows, leftover test content, and vague privacy documentation.
- Resubmission after a fix re-enters the full review queue rather than a fast-tracked recheck.
Practice what you learned
1. Which Partner Center step is mandatory for every Teams Store submission since 2023, even for free apps?
2. What is a common reason an app package fails automated Teams Store validation before human review?
3. What must the validDomains array in a manifest match?
4. Is Microsoft 365 App Certification mandatory for Teams Store submission?
5. What typically happens after a rejected app package is fixed and resubmitted?
Was this page helpful?
You May Also Like
Teams App Best Practices
Practical guidelines for building performant, secure, and visually consistent Microsoft Teams applications that hold up in production.
Testing and Debugging Teams Apps
Practical techniques for local debugging, testing SSO and bots, and diagnosing issues in production Teams apps.
Microsoft Teams Quick Reference
A condensed cheat sheet of core manifest fields, TeamsJS APIs, bot patterns, and Graph endpoints for Teams app development.
Related Reading
Related Study Notes in Microsoft Technologies
Browse all study notesWindows 10 / UWP Development Study Notes
.NET · 30 topics
Microsoft TechnologiesWindows Batch Scripting Study Notes
Batch · 30 topics
Microsoft TechnologiesMFC (Microsoft Foundation Classes) Study Notes
C++ · 30 topics
Microsoft TechnologiesSilverlight Study Notes
.NET · 30 topics
Microsoft TechnologiesXAML Study Notes
.NET · 30 topics
Microsoft TechnologiesWPF (Windows Presentation Foundation) Study Notes
.NET · 30 topics