I am in the process of deploying an excel addin I have developed. In the documentation I cannot find an answer on how to implement an authentication mechanism for the static files referenced in the manifest (like function definitions, the taskpane etc). As it is I would need to deploy these on the open internet, while isnt a major concern as the addin it merely acts as a proxy to api calls that does implement oath 2.0, I would still expect to configure the addin to provide either a token authorized against the WebApplicationInfo app of the manifest or a secret.
Is it possible and if so how to configure the authentication to fetch these static files referenced in the manifest?