CSPP Plus Backstage Integration: Adding Your Cloud Storage to Microsoft Office's File Menu

CSPP Plus Backstage Integration: Adding Your Cloud Storage to Microsoft Office’s File Menu

For most ISVs implementing WOPI-based document editing, the user journey begins the same way: a user browses your platform, clicks a document, and Office for the web opens in an embedded iframe or a new tab. The experience works well, but it is entirely contained within your application. The user never encounters your storage in the one place they spend most of their working day: Microsoft Office itself.

CSPP Plus backstage integration changes that. It enables your cloud storage platform to appear directly inside the Microsoft Office File menu — alongside OneDrive, SharePoint, and other configured locations — so that users can open documents from your storage and save files back to it without ever leaving the Office application. This is the most user-visible capability in the entire CSPP Plus programme, and for many end users it is transformative: their familiar document store becomes a first-class citizen of the Office experience.

This article provides a comprehensive technical guide to implementing CSPP Plus backstage integration. It covers the discovery mechanism, the CheckFileInfo properties required for backstage visibility, branding and icon requirements, the authentication flow for documents opened directly from backstage, and how backstage integration interacts with other CSPP Plus capabilities. McKenna Consultants has implemented backstage integration for multiple enterprise clients, and the guidance here reflects what we have learned in production deployments.

What Is the Office Backstage?

The Office backstage is the full-screen view that appears when a user selects the File tab in any Office desktop application. It contains sections for creating new documents, opening recent files, accessing connected locations, saving files to cloud storage, and managing application settings.

The Open and Save As sections of the backstage are where cloud storage partners appear. When a user connects a third-party storage provider that supports backstage integration, that provider appears in the left-hand panel of the Open and Save As views, at the same level as OneDrive and SharePoint. The user can browse the provider’s folder hierarchy, open documents directly, and save files back to the provider’s storage without leaving the Office application.

From a user experience perspective, this is a significant upgrade over the standard WOPI flow, where the user must navigate to a web application and initiate the edit session from there. With backstage integration, the user’s interaction with your storage platform becomes embedded in Office itself — which is where enterprise users already spend their time.

The CSPP Plus Requirement

Backstage integration is exclusively available to members of the Cloud Storage Partner Program Plus (CSPP Plus). The standard CSPP programme does not include backstage capabilities. If your organisation is currently on the standard CSPP programme and wants to implement backstage integration, you will need to engage Microsoft to upgrade your participation.

The CSPP Plus onboarding process includes domain allow-listing, which typically requires four to five weeks. Backstage integration also requires Microsoft to provision your storage provider in the Office backstage partner registry, which is a separate step from the standard WOPI domain allow-listing. Plan your timeline to account for both.

CSPP Plus backstage integration is available for Office desktop applications on Windows and macOS. The exact version requirements are defined by Microsoft and may change as the Office client is updated; refer to the CSPP Plus technical documentation provided during onboarding for current version requirements.

How Backstage Discovery Works

The Office application discovers available cloud storage partners through a combination of the WOPI discovery document and partner-specific configuration that Microsoft provisions during CSPP Plus onboarding.

The WOPI Discovery Document

The WOPI discovery document is an XML file that Microsoft publishes at a well-known URL. It describes the actions that Office can perform (view, edit, editnew, etc.) and the URL patterns associated with each action. When the Office client initialises, it retrieves this discovery document and uses it to determine which WOPI hosts can handle document operations.

For backstage integration, the discovery document includes additional action types that describe how to browse and interact with a partner’s storage. The getinfo and msofilesync actions are particularly relevant — they enable the Office client to enumerate folders and files from your storage directly within the backstage interface.

Partner Registration and Locale Configuration

During CSPP Plus onboarding, Microsoft registers your storage provider with a set of properties that control how it appears in the Office backstage. These properties include:

• Provider name: The display name that appears in the backstage location list.
• Provider icon: The icon displayed next to your provider’s name (see Branding Requirements below).
• Supported locales: The languages and regions in which your backstage integration is available.
• Entry point URL: The URL from which Office initiates the backstage browsing session.

These properties are configured on Microsoft’s side during onboarding and are not controlled by properties in your CheckFileInfo response. They define the static identity of your provider in the Office backstage.

CheckFileInfo Properties for Backstage Visibility

While the static registration properties are configured during onboarding, the dynamic behaviour of your backstage integration is controlled through CheckFileInfo responses and the associated WOPI endpoints. Several properties are critical to correct backstage behaviour.

HostAuthenticationId

The HostAuthenticationId property identifies the authenticated user on the WOPI host. In a backstage integration scenario, this is particularly important because the user may open documents from multiple sessions, and Office needs to correlate requests with the correct user identity.

{
  "HostAuthenticationId": "user-uuid-from-your-identity-system"
}

This value should be a stable, unique identifier for the user within your system. It must not change across sessions for the same user, as Office uses it to associate the user’s backstage location with their stored credentials.

BreadcrumbFolderName and BreadcrumbDocName

The breadcrumb properties control the navigation trail displayed in the Office backstage and in the Office title bar when a document is open. Providing accurate breadcrumb information is essential for a coherent user experience.

{
  "BreadcrumbFolderName": "Project Documents",
  "BreadcrumbFolderUrl": "https://yourstorage.example.com/folders/project-documents/",
  "BreadcrumbDocName": "Q3 Financial Report.xlsx",
  "BreadcrumbDocUrl": "https://yourstorage.example.com/files/q3-financial-report"
}

The BreadcrumbFolderUrl and BreadcrumbDocUrl values should be URLs in your application that correspond to the containing folder and the document respectively. When the user clicks these breadcrumbs in the Office title bar, they are navigated to the corresponding location in your application.

HostViewUrl and HostEditUrl

These properties define the URLs used when the user wants to open the document in a browser rather than editing it in the Office desktop application. In a backstage context, these URLs are used if the user chooses to open a document in Office for the web instead of the desktop client.

{
  "HostViewUrl": "https://yourstorage.example.com/view/document-id/",
  "HostEditUrl": "https://yourstorage.example.com/edit/document-id/"
}

Ensure these URLs point to pages in your application that initiate the correct WOPI session — view-only for HostViewUrl and editable for HostEditUrl.

SupportsUpdate and UserCanWrite

These properties are standard across WOPI implementations but take on particular importance in backstage scenarios. If SupportsUpdate is false or UserCanWrite is false, Office will open the document in read-only mode. Users who have opened a document from backstage expecting to edit it will be confused by a read-only experience. Ensure these properties accurately reflect the document’s permissions for the authenticated user.

{
  "SupportsUpdate": true,
  "UserCanWrite": true
}

CloseUrl

The CloseUrl property defines where the user is navigated when they close a document that was opened from backstage. In standard WOPI flows, this typically returns the user to the host application. In backstage flows, the behaviour depends on how the document was opened:

• If the document was opened directly in the Office desktop application, CloseUrl is less relevant — closing the document simply closes the file.
• If the document was opened in Office for the web via a backstage URL, CloseUrl defines the navigation destination.

Provide a meaningful CloseUrl that returns the user to an appropriate location in your application:

{
  "CloseUrl": "https://yourstorage.example.com/folders/project-documents/"
}

Branding and Icon Requirements

Microsoft has specific requirements for provider icons used in the Office backstage. Meeting these requirements exactly is important: non-conforming icons may not display correctly, or Microsoft may reject them during the onboarding review process.

Icon Specifications

The backstage integration icon must be provided in the following formats:

• PNG format at multiple resolutions: 16x16, 32x32, 48x48, 96x96, and 256x256 pixels.
• Transparent background: Icons must use transparent backgrounds, not solid white or coloured fills.
• Single-colour or limited palette: Microsoft recommends icons that render clearly at small sizes. Complex or photographic imagery performs poorly at 16x16 and 32x32.
• Square aspect ratio: Non-square images will be cropped or stretched.

For cloud document editing security compliance in enterprise environments, some organisations have additional requirements for how partner icons are presented in Office, particularly in locked-down or managed deployments. Confirm your icon assets with your CSPP Plus programme contact before submission.

Provider Display Name

The display name registered during CSPP Plus onboarding should be concise and unambiguous. Users will see this name in the backstage location panel alongside OneDrive and SharePoint. Consider how your name reads in context — for example, if your product is named “Nexus DMS”, users will see “Nexus DMS” in the same list as “OneDrive — Personal” and “McKenna SharePoint”. The name should be recognisable to your users without explanation.

The User Authentication Flow

The authentication flow for backstage integration differs from the standard WOPI launch flow in an important way: the user may not be authenticated to your platform at the point when Office initiates the backstage session.

The Standard WOPI Launch Flow

In the standard WOPI flow, the user authenticates to your web application, browses to a document, and your application constructs a WOPI action URL that includes an access token. This token is passed to Microsoft’s Office for the web, which includes it in all subsequent WOPI requests. Authentication happens in your web application before the Office session begins.

The Backstage Authentication Challenge

In backstage integration, the user may open Office on their desktop, navigate to the backstage, and click on your storage location without having recently authenticated to your web application. Office needs to obtain credentials for your storage before it can display the user’s folders and files.

Microsoft handles this through a browser-based authentication flow that is initiated within Office. When the user selects your storage location in backstage for the first time (or after their credentials have expired), Office opens a WebView panel within the backstage that navigates to your authentication endpoint. The user completes the authentication flow in this WebView — which can include OAuth 2.0 authorisation, MFA challenges, and consent screens — and upon successful authentication, your application returns an access token that Office stores for subsequent requests.

Implementing the Authentication Endpoint

Your authentication endpoint must be configured to work correctly within the Office WebView context. Key requirements:

HTTPS everywhere. All authentication endpoints and redirects must use HTTPS. Office will not initiate authentication flows to HTTP URLs. This is a fundamental cloud document editing security compliance requirement.

OAuth 2.0 with PKCE. The recommended authentication pattern for backstage integration is OAuth 2.0 with the Proof Key for Code Exchange (PKCE) extension. This provides security appropriate for a public client (the Office application) without requiring a client secret to be embedded in the application.

Token storage. After authentication, Office securely stores the access token and refresh token. On subsequent sessions, Office uses the stored refresh token to obtain a new access token without requiring the user to re-authenticate. Your token endpoint must support refresh token grant flows.

Token scoping. The access token issued for backstage use should be scoped appropriately. For WOPI host security best practices, the token should grant access only to the document operations required by the WOPI protocol — it should not be a broad administrative token. Define specific OAuth scopes for WOPI access and ensure your authorisation server issues tokens with those scopes.

Recommended OAuth scope structure:
wopi.read       — CheckFileInfo and GetFile operations
wopi.write      — PutFile and PutRelativeFile operations
wopi.manage     — Lock, Unlock, RenameFile, DeleteFile operations

Silent authentication. If the Office application already holds a valid refresh token, authentication should succeed silently without the user seeing any UI. Only prompt for credentials when a valid token cannot be obtained automatically. Excessive authentication prompts in backstage are a common source of user complaints.

Session Persistence and Token Expiry

Access tokens issued for backstage use should have a lifetime appropriate for a working session — typically one to four hours. Refresh tokens should be longer-lived, enabling Office to silently re-authenticate across multiple working sessions.

When a token expires during an active backstage session, Office will attempt to use the stored refresh token. If the refresh token is also expired or has been revoked, Office will initiate the full authentication flow again. Design your token expiry policies with this in mind: overly short refresh token lifetimes will require users to re-authenticate to your backstage location frequently, which is disruptive.

How Backstage Differs from the Standard WOPI Launch Flow

Understanding the differences between backstage integration and the standard WOPI launch flow is essential for correctly implementing your WOPI host.

Aspect	Standard WOPI Launch	Backstage Integration
User entry point	Your web application	Microsoft Office File menu
Authentication timing	Before Office session	On first backstage access (or token expiry)
Access token delivery	Via WOPI action URL parameter	Via OAuth flow stored by Office
File browsing	Handled by your application	Handled by Office via WOPI browse endpoints
Target application	Office for the web (browser)	Office desktop application
Breadcrumb context	Set by your application’s action URL	Set by CheckFileInfo breadcrumb properties

The most significant architectural difference is file browsing. In the standard flow, your application presents its own folder browser to the user. In backstage integration, the Office application itself renders a folder browser within the backstage panel, and it populates that browser by calling WOPI endpoints on your host. This means your host must implement folder enumeration endpoints that are not required in a standard WOPI deployment.

Folder Enumeration Endpoints

To support backstage browsing, your WOPI host must implement the EnumerateAncestors and EnumerateChildren operations. These endpoints allow Office to build the folder tree that users navigate within the backstage panel.

EnumerateChildren returns the contents of a folder — both subfolders and documents — in a structured format that Office can display. The response includes file names, sizes, last-modified dates, and the WOPI URLs for each item.

EnumerateAncestors returns the folder path from the current item back to the root of the user’s storage, enabling Office to display and navigate the breadcrumb trail.

These endpoints are authenticated using the same access token mechanism as the core WOPI operations. Ensure your authorisation logic correctly validates the token for these folder enumeration requests.

Combining Backstage Integration with Other CSPP Plus Features

CSPP Plus backstage integration does not exist in isolation. For a complete enterprise WOPI implementation, backstage should be combined with the other capabilities available in CSPP Plus.

Backstage with Geo-Fencing

If your platform serves customers with data residency requirements — a common need in regulated sectors and an important consideration for cloud document editing security compliance — backstage integration must be combined with the ComplianceDomainPrefix property in your CheckFileInfo response. This ensures that when a user opens a document from backstage, the Office session routes all document processing through the correct regional data centre.

The geo-fencing logic applies identically whether the document was opened via the standard WOPI flow or from backstage. Your CheckFileInfo implementation should determine the correct ComplianceDomainPrefix based on the authenticated user’s tenant or data residency requirements, regardless of the entry point.

Backstage with Chunked File Transfer

For platforms that handle large documents, combining backstage integration with chunked file transfer eliminates file size constraints in the Office desktop editing experience. When a user opens a large file from backstage, chunked file transfer ensures the document loads efficiently and saves reliably, regardless of size.

The chunked file transfer capability flags (ChunkedUploadEnabled, MaxChunkSize) in your CheckFileInfo response apply to backstage-initiated sessions as they do to standard WOPI sessions. No additional configuration is required to combine these features.

Backstage with Coauthoring

When a document opened from backstage supports coauthoring, multiple users can collaborate on the same file simultaneously. From the protocol perspective, coauthoring in a backstage-initiated session behaves identically to coauthoring in a standard WOPI session. The user who opens the document from backstage establishes the coauthoring session, and other users can join via their own WOPI access — whether from backstage, from a web application, or from a shared link.

Implementation Checklist

For ISVs implementing CSPP Plus backstage integration, the following checklist summarises the key requirements:

CSPP Plus enrolment:

• Confirm CSPP Plus membership (upgrade from standard CSPP if required)
• Complete Microsoft’s backstage provider registration (separate from domain allow-listing)
• Submit approved icon assets in all required resolutions
• Confirm provider display name and locale configuration with Microsoft

Authentication:

• Implement OAuth 2.0 with PKCE for backstage authentication
• Define granular OAuth scopes for WOPI operations
• Implement silent token refresh using stored refresh tokens
• Test authentication flow within Office WebView context
• Ensure all endpoints use HTTPS

WOPI host endpoints:

• Implement CheckFileInfo with all required backstage properties (HostAuthenticationId, breadcrumb properties, HostViewUrl, HostEditUrl, CloseUrl)
• Implement EnumerateChildren for folder browsing
• Implement EnumerateAncestors for breadcrumb navigation
• Ensure UserCanWrite and SupportsUpdate reflect accurate permissions

Integration with other CSPP Plus features:

• Include ComplianceDomainPrefix in CheckFileInfo if data residency is required
• Include chunked file transfer properties if large document support is needed
• Include coauthoring properties if collaborative editing is supported

Testing:

• Test the first-time authentication flow in the Office backstage
• Test silent re-authentication after token expiry
• Test folder browsing and file open from backstage
• Test Save As to your storage from within an Office document
• Test Recent Documents listing for files opened from your storage
• Verify breadcrumb display in the Office title bar
• Test with both Windows and macOS Office clients

Why Backstage Integration Matters for ISVs

For ISVs evaluating CSPP Plus features, backstage integration represents the highest user-facing return on implementation investment. The other CSPP Plus capabilities — geo-fencing, chunked file transfer, coauthoring — are important for compliance, performance, and collaboration, but they are largely invisible to end users. Backstage integration is the one feature that end users will notice and appreciate immediately.

From a commercial perspective, backstage integration removes a significant adoption barrier. Users who are accustomed to accessing OneDrive from the Office File menu will naturally look for the same capability with your storage. When your platform appears there, it signals maturity and deep Microsoft integration — two qualities that enterprise procurement teams value. For WOPI host security best practices, having a properly implemented backstage integration also demonstrates adherence to Microsoft’s security and authentication standards, which can be a differentiator in security-conscious procurement processes.

Working with McKenna Consultants

McKenna Consultants has extensive CSPP Plus implementation experience, including backstage integration projects for document management platforms and enterprise SaaS applications across the UK and Europe. Our team understands both the technical protocol requirements and the Microsoft relationship management involved in the CSPP Plus onboarding process — including the backstage provider registration steps that are separate from standard domain allow-listing.

If you are implementing CSPP Plus backstage integration, considering CSPP Plus enrolment, or need to audit an existing WOPI implementation for compliance with WOPI host security best practices, our team can help across the full project lifecycle: from initial scoping and CSPP Plus onboarding through to production deployment and post-launch support.

Contact McKenna Consultants to discuss your WOPI and CSPP Plus requirements. Whether you are starting from scratch or extending an existing integration, we can help you deliver a robust, secure, and user-friendly backstage experience that puts your cloud storage where your users spend their working day.

Conclusion

CSPP Plus backstage integration is the feature that transforms your WOPI implementation from a useful document editing capability into a genuinely integrated part of the Microsoft Office experience. By appearing in the Office File menu alongside OneDrive and SharePoint, your cloud storage becomes part of users’ natural workflows — not something they need to navigate to a separate application to access.

The implementation requires attention across several interconnected areas: CSPP Plus enrolment and provider registration, OAuth 2.0 authentication within the Office WebView, the breadcrumb and permission properties in CheckFileInfo, and the folder enumeration endpoints that power the backstage browser. Done correctly, the result is an experience that users find intuitive and that positions your platform as a credible, enterprise-grade document storage solution.

Combined with geo-fencing for data residency, chunked file transfer for large documents, and coauthoring for team collaboration, backstage integration completes the picture of what a comprehensive CSPP Plus implementation delivers: full Microsoft Office integration at every level of the user experience, with the compliance controls and performance characteristics that enterprise customers require.