How do I get an app/add-in approved for use within Microsoft 365?
Connections between Microsoft 365 and third-party services must be be reviewed by the SFU Privacy Office and IT Services before they can be made available to the university community.
To request a review, your third-party platform/service must have a completed Privacy Impact Assessment (PIA) and be part of an institutionally supported platform. Ad-hoc requests without completed PIA will not be considered.
For more information about completing a Privacy Impact Assessment see the SFU Privacy Office's website.
Get Started with a Privacy Impact Assessment
Why does an app/add-in need to go through a review process?
As a B.C. public institution, the university has a responsibility to review how apps/add-ins access data associated with SFU Microsoft 365 accounts.
By going through a formal review process, the university can assess how an app/add-in will manage, transmit, store or transform data associated within Microsoft 365 cloud services. This process helps ensures the security and safety of third party apps and add-ins as they interact with a variety of different data permissions (from basic profile information to email calendar information).
What's the difference between ad-hoc apps/add-ins and institutionally supported ones?
An institutionally supported app is adopted by department/unit for business, research, or learning needs within the university. For example, a student advising team may have a third-party app that connects to staff email calendars to help students book appointments, or the SFU library may advertise a citation add-in in Microsoft word to help the university with referencing.
In contrast, ad-hoc apps/add-ins are personal tools adopted by an individual. For example, this may be a third-party app you use to organize files for your personal non-SFU work but also want it to connect to your SFU OneDrive space so you can manage files within a single app.
What apps/add-ins are already available?
Apps/add-ins that have already undergone a review are maintained in the list below.
| App Name |
Application Type |
Available to |
| Gmail |
Email Client |
All SFU |
| Apple Mail |
Email Client |
All SFU |
| Samsung Mail |
Email Client |
All SFU |
| Thunderbird |
Email Client |
All SFU |
| TBSync Add-on for Thunderbird |
Email Client Add-on |
All SFU |
| Zoom for Outlook |
Microsoft Outlook Add-in |
All SFU |
| Salesforce for Outlook |
Microsoft Outlook Add-in |
Select departments at SFU |
| Mendeley Cite for Word |
Microsoft Word Add-in |
All SFU |
| Crestron |
Exchange Online Integration |
Select departments at SFU |
Frequently asked questions
How long does it take for an app/add-in to get approved?
Times for a review can vary depending on the permissions required, scope of users, and overall complexity of the integration. On average, a review may take 1-6 months to complete.
If an app/add-in is available, does that mean the platform it uses is also approved?
No. SFU only approves the app/add-in itself. This does not approve the platform overall by proxy. For example, if a social media app for MS Teams is available that doesn't approve the entire social media platform.
Many areas at SFU use a variety of services to help with the university's mission. Vetting apps/add-ins helps our community avoid less secure alternative accounts/methods to connect to those services.
can I use this to request apps/add-ins that don't integrate with microsoft products/services (e.g., canvas, Zoom)?
No. This request process is only for apps/add-ins that will leverage Microsoft products or services.
My app/add-in is broken, where can I get help?
Departments/units that adopt third-party apps/add-ins should refer to publisher documentation/support resources. SFU's IT Services does not provide direct support third-party apps/add-ins outside the integration with Microsoft 365.