In this joint development effort, Microsoft teamed up with Wiretap to prototype a new product feature to streamline the process of managing security and policy-related violations in the enterprise social network monitoring platform.

Core team:

Our solution resulted in creation of an Office 365 Connector for Groups that can be connected to an individual Wiretap policy. Without the Office 365 Connector, the only way for users to manage, approve, or deny violations is to visit the Wiretap web portal. With the connector in place, users can now subscribe to policy notifications and be notified directly in Outlook. These notifications contain deep links that allow users to directly approve or deny violations as they come in.

Customer profile

Wiretap discovers, manages, and protects confidential data through always-on monitoring and policy enforcement for Yammer. Designed specifically for Yammer, Wiretap offers enterprises greater visibility into their data while providing controls to help govern and secure their Yammer network. ​Null, Ltd, creator of Wiretap, was founded in the United States and has global sales of the Wiretap platform and a records retention module for Yammer. They are planning Wiretap implementations for Slack, Salesforce.com, Facebook and Skype. Wiretap was a silver partner with Microsoft at Ignite in 2016.

Wiretap team at Ignite

Problem statement

Wiretap intelligently analyzes content posted to Yammer to check for policy adherence. In the past, all content tagging, alerts, digests, and policy controls on content from Yammer could only be done through the Wiretap portal. Switching out of an active workflow in Outlook to manage a policy violation reduces productivity. We looked at building an Office 365 Connector to increase productivity by shortening the time to notification, minimizing the time to manage violations, and reducing the time spent context switching that was required to monitor violations.

Solutions, steps, and delivery

I met with Wiretap for one day to develop a proof of concept of Office 365 Connector for Groups and get it integrated into the Wiretap product. First, Matt Huber from Wiretap spent one hour demonstrating the product and discussing possible points of integration. Next, I spent one hour showing the functionality of Office Group Connectors including deep links into a web application. This gave me an understanding of how Wiretap handles violations and its technical architecture, and gave Matt an understanding of how the Office 365 Connector programming model worked.

During the registration of the connector on Office 365, we found a requirement to have a fixed callback domain. Because the Wiretap platform is multitenant, we needed to create a process that would allow for callbacks to be handled for different companies.

Our solution was to create the “Wiretap Office 365 Connection Helper.” This is an interstitial web app that worked around the fact that the Wiretap Connector registration could only be pinned to a single domain. Wiretap runs on a different domain for each customer, so this interstitial web page solves the problem.

This allowed us to fit into the existing Office 365 model while making it work for the Wiretap scenario. In one afternoon, we were able put together a prototype interstitial web app, deploy it to Azure App Service, and update Wiretap to send a JSON payload to the Office 365 Connector.

Matt was able to take this prototype back to his team and build out the application workflows for integrating the connectors with individual Wiretap policies. Wiretap also added more complete functionality to the Azure web application to support the multiple tenants of their application.

End customer example

The connector that was built through this collaboration is now included in the next release of the Wiretap product, which is currently deployed to 275,000 seats.

Once a policy is set up in Wiretap, any user can manage notifications using Office 365 Connector. From the portal, users can log on to Office 365 and select the group to be notified when the policy is violated.

The required URL for the webhook connection is returned to the Connection Helper. With a copy and paste back into the Wiretap “Add Notification” dialog, the connection is permanently in place, and notifications will start flowing.

General lessons

Wiretap was extremely excited when we prototyped a connector in just a couple of hours. The process of building the workflow and thinking about how the customer would be interacting with the creation of the connections was the most time-consuming process.

Matt Huber, co-founder of Wiretap, talked about Office 365 Connectors:

“It was easy to use. I [already] know how to send a JSON payload and connect to a webhook and to me it was just almost effortless—it was great!”

The interstitial web app that we built to sit between Wiretap and the connector authentication can be reused for applications that are multitenant or have different domains based on deployment. Links to the project code for the interstitial web application can be found below.


Wiretap Office 365 Connector demo video (Channel9)

Additional resources


Managing notifications

Manage Notifications


Office 365 Webhook

Office365 Webhook


Selecting an Office 365 Group

Wiretap Interstitial


Wiretap interstitial

Office365 Webhook