Aguardic logoAguardic/Docs

Search documentation

Search all documentation pages

Get Started

Microsoft Teams Integration

Enforce policies on Microsoft Teams conversations.

Overview

The Microsoft Teams integration connects Aguardic to your Teams environment via Microsoft Graph OAuth. Aguardic monitors messages in selected teams and channels, evaluating them against your policies and enforcing compliance in real time.

Setup

1. Connect via OAuth

Go to Integrations > Add Integration > Microsoft Teams in the Aguardic dashboard and click Connect. You'll be redirected to Microsoft to authorize Aguardic with the required Graph API permissions.

2. Select Teams and Channels

After connecting, Aguardic syncs your available teams and channels. Select which teams and channels to monitor from the integration settings page.

3. Bind Policies

Go to Policy Bindings and map your policies to the Teams integration. Policies apply to all monitored channels across your selected teams.

4. Configure Enforcement

Choose how Aguardic enforces policy results in Teams:

  • BLOCK — Sends a chat message to the sender with violation details and flags the message for admin review
  • WARN — Posts a reply in the channel thread with a warning and violation details
  • MONITOR_ONLY — No visible action in Teams, violations logged in Aguardic only

How It Works

  1. A user posts a message in a monitored team channel
  2. Microsoft Graph sends a change notification to Aguardic
  3. Aguardic fetches the message content and channel context
  4. The governance engine evaluates against bound policies
  5. Enforcement actions are taken based on the policy mode

What Gets Evaluated

  • Message content — Text of the message, including rich text and mentions
  • File attachments — Names, types, and content of shared files
  • Channel context — Which team and channel the message was posted in
  • Sender information — Who sent the message

Example Policies

Data Classification Enforcement

Prevent sharing of content marked as confidential:

  • Field: content
  • Operator: CONTAINS
  • Value: CONFIDENTIAL|INTERNAL ONLY|RESTRICTED
  • Severity: HIGH

External Sharing Prevention

Flag messages that reference sharing content with external parties:

  • Field: content
  • Operator: MATCHES
  • Value: (share|send|forward).*(external|outside|third.party|vendor)
  • Severity: MEDIUM

PII Detection

Detect personally identifiable information in team messages:

  • Field: content
  • Operator: MATCHES
  • Value: (\b\d{3}-\d{2}-\d{4}\b|\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b) (SSN or email patterns)
  • Severity: CRITICAL

Next Steps

SlackGmail