Body
Topics Answered in this Article
Why can’t I add Grammarly to Microsoft Word or Outlook?
Microsoft 365 third‑party app restrictions
Request approval for a Microsoft 365 add‑in or plugin
What apps are approved to use with Microsoft Teams and Outlook?
Grammarly not available in Microsoft 365
How do I get approval for a new Microsoft Office plugin?
Third‑party (3rd party) integrations blocked in Microsoft 365
Submit a request for an enterprise app integration
Overview
Microsoft has updated its security approach for Microsoft 365. As part of this change, Microsoft now flags high‑risk integrations and requires administrator approval before those applications can be connected to Microsoft Office, Outlook, or Teams. To protect our Microsoft 365 tenant, institutional data, and our campus community, OIT has updated how these requests are handled.
What’s Changing
Microsoft's default setting automatically flags some third‑party applications as high risk and requires administrator approval before they can be added. This default setting risks applications being marked as high risk without our knowledge or advance notice.
- To ensure stability and consistency in our security posture, we have set (using Microsoft best practices and recommendations) a default risk level for application integrations and requirements for business use. For application integrations into the tenant, the integration permissions must:
- Due to risk, licensing, and workload concerns, OIT is no longer approving administrator-initiated consent requests for high‑risk integrations.
What Is Still Allowed
- Approved enterprise applications (such as Zoom, Salesforce, Calendly, Slack, RingCentral, and Adobe Acrobat Reader) remain supported.
- Department‑wide, purchased solutions may be approved only after they have successfully completed the Governance, Risk, and Compliance (GRC) review process (Data and Technology Risk Review).
- Previously approved integrations remain in place. OIT is not removing existing connections at this time. A future audit will be conducted, announced, and communicated well in advance, so departments have time to prepare.
- Low‑risk, user‑initiated integrations that do not require administrator approval remain allowed.
- If you are already using a third‑party plugin, you may continue using it. These changes apply only to new requests.
Need an Application Reviewed or Approved?
If your department needs an application that is not currently approved:
- Submit a Data and Technology Risk Review request before purchasing software or requesting any Microsoft 365 integration.
- The Cybersecurity Governance, Risk, and Compliance (GRC) team will review the application for security, privacy, contractual, and compliance requirements.
Important
- If the Data and Technology Risk Review has not been completed, no Microsoft 365 integration will be performed.
- This review process is the only way to integrate third‑party applications with Microsoft 365.
- Only applications that meet institutional standards after review will be considered.
- If you’re a student, your professor will need to request the necessary application and the list of students who require it.
- If you're a student worker, please have your immediate supervisor submit your request.
Why This Matters
Key Considerations
- A "low‑risk" classification does not mean no risk.
- Applications may access data or perform actions on behalf of users. If the user has access to sensitive information, the application may have access to it as well.
- Permissions, vendor practices, and software behavior can change over time.
- The number and variety of available integrations make ongoing monitoring and auditing impractical at the individual‑user level.
Limiting integrations to reviewed, enterprise‑level, and department‑wide solutions enables OIT to:
- Maintain consistent and centralized security oversight.
- Ensure integrations meet institutional standards.
- Support tools that serve needs across all UT campuses.
Approved and Denied Apps
For more information about the above scenarios or to view a list of currently approved or denied apps, please expand the relevant section(s) below. To request a new 3rd-party app connection to Microsoft 365, please complete the Microsoft Third-Party App Access Request form.
Approved Apps
| App Name |
Additional Information |
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
Denied Apps
| App Name |
Suggested Workaround |
| #1 AI Meeting Note Taker - TeamsMaestro |
|
| Airtable |
|
| Arc |
|
| Attio |
|
| ChatGPT |
|
| ClickUp |
|
| ePRINTit |
|
| FamilyWall |
|
| Fetch |
|
| Files Editor |
|
| Granola |
|
| Motion |
|
| One Calendar |
If you are looking for scheduling and task management tools, a few secure options we already provide include Microsoft Viva Insights and the Microsoft To Do integration within Outlook. |
| Outlook AI |
|
| PayPal |
|
| Perplexity |
|
| ProQuest |
|
| Shop |
|
| Skylight Calendar |
|
| Superhuman (Desktop) |
|
| Supernote Drive |
|
| Whale Framely |
|
| 网易邮箱大师 |
|
Questions or Need Help?
If you are unsure whether an application requires review or need help starting a request, contact the OIT HelpDesk. They can assist with next steps and ensure your request is routed correctly to the GRC team.