Skip to main content

The Outlook add-in

The LataSys Defender Quarantine add-in lives in Outlook and gives end users one-click access to their own quarantined messages — without granting them tenant-admin permissions.

What end users can do

  • See their own quarantine. A list of messages held by Microsoft 365 Defender for their mailbox specifically. Nobody else's mail is visible.
  • Request release. One button opens a dialog with an optional "why" field. On the Viewer & Release edition, this submits for admin approval or self-releases per tenant policy.
  • See why a message was quarantined. Each row shows the quarantine type (phish, malware, spam, bulk, etc.) and the policy that caught it.

What end users can't do

  • Release someone else's quarantined message. The API scopes every operation to req.user.upn from the validated token — there's no way to act on another user's mail.
  • Bypass admin policy. On Viewer-only editions or RequestRelease mode, release is admin-only or gated by approval. The add-in disables the button and surfaces an upgrade hint.

Supported Outlook hosts

The add-in runs in any Outlook surface that supports Office.js add-ins:

  • Outlook on the web (OWA) — any modern browser.
  • New Outlook for Windows — the Edge-WebView2-based client.
  • Classic Outlook for Windows — the traditional desktop client.
  • Outlook for Mac — both Apple Silicon and Intel.
  • Outlook mobile — iOS and Android.

The portal's Observed Versions card reports which host each user is actually running it on — useful for support triage.

→ Next: Installing the add-in covers per-user vs tenant-wide install.