Fostr’s Microsoft Outlook integration enables visibility into email-based communications and scheduled meetings, with the potential to power context-driven triggers, coordination workflows, and AI-assisted summaries. This page outlines how access and permissions are governed at both the user and organizational levels to ensure data integrity, compliant visibility, and scoped exposure across workspaces. The integration is designed to respect Outlook’s existing permission hierarchy while surfacing only what is necessary for Fostr’s workflows.

Credentials and Access

The Outlook integration is authenticated at the tenant level using Microsoft’s Graph API and Azure Active Directory. Required credentials include:

• Tenant ID
• Client ID
• Client Secret

These authentication credentials are issued during the Azure app registration process. Once connected, the integration does not require individual user-level setups. Authorization is applied organization-wide by the Fostr platform using delegated service permissions.

All credentials are encrypted and securely stored within Fostr’s infrastructure. Sensitive access tokens and secrets are protected using industry-standard encryption protocols and stored only in server-side systems with restricted admin-level access.

During integration, Fostr requests specific Microsoft Graph scopes. These typically include read access to:

• User profiles
• Mail content (read or metadata-only depending on configuration)
• Calendar events (including meeting metadata)
• Organizational directory structure

These scopes must be explicitly approved during OAuth authorization via Azure AD. Once granted, permissions govern what data may be accessed and synced into Fostr.

The integration does not require end users to adjust visibility settings for emails or calendars. Outlook object references are resolved through internal Graph IDs, eliminating the need for emails to be made public or searchable externally.

Permissions and Visibility

Once active, Outlook data syncing into Fostr includes targeted metadata from message threads and calendar events. This information is used to enrich workflows, trigger automation, or provide important context tied to operational actions and customer record activity.

Types of data visible in Fostr after sync:

• Subject-line metadata from relevant email threads
• Meeting metadata from calendar events (participants, time, organizer)
• AI-derived summaries or workflow suggestions (where enabled)
• Canonical thread references or IDs linked to Records or Actions

Visibility of Outlook-sourced data is automatically restricted based on access policies defined by the organization. The following visibility logic is enforced:

• Users see only Outlook-derived content that involves them directly (as a participant or organizer)
• Managers or leads may see derived context from communications involving their direct reports
• Admin-level users with explicit roles may view integration logs or perform sync troubleshooting

Permissions follow an organizational model (based on directory hierarchy), and access cannot currently be customized at a team or departmental level. Manual exceptions or granular ACL (Access Control List) filters are not supported at this time.

Once configured, the integration requires no additional user action. Data syncing runs passively in the background, capturing new content or events at defined intervals or based on system triggers. Users do not need to manually assign emails, tag messages, or connect accounts individually.