Microsoft 365 Integration

Overview

Talos integrates with Microsoft 365 via Azure AD (Entra ID) app registration. Once configured, Talos can read incoming emails (inbox and sent items), classify them by supplier or category, and send emails on your behalf — all through the Microsoft Graph API.

This guide walks you through creating an Azure app registration, granting the required API permissions, and entering the credentials in the Talos dashboard.

What You Need

• A Microsoft 365 Business account (Exchange Online)
• Azure AD / Entra ID admin access (to create app registrations and grant admin consent)
• A Talos admin account
• The email address you want Talos to read from and send as (e.g. purchasing@yourcompany.com)

Step 1 — Create an Azure App Registration

1. Go to the Azure Portal at portal.azure.com
2. Navigate to Microsoft Entra ID (formerly Azure Active Directory)
3. In the left sidebar, click App registrations
4. Click New registration
5. Fill in the details:
   • Name: Talos Integration (or any name you prefer)
   • Supported account types: Select Accounts in this organizational directory only (Single tenant)
   • Redirect URI: Leave blank (not needed for client credentials flow)
6. Click Register

After registration, you will see the Overview page. Copy these two values — you will need them later:

Step 2 — Create a Client Secret

1. In your app registration, go to Certificates & secrets in the left sidebar
2. Click New client secret
3. Add a description (e.g. Talos production)
4. Choose an expiration period (recommended: 24 months)
5. Click Add
6. Immediately copy the secret Value — it is only shown once. If you lose it, you must create a new one.

Step 3 — Grant API Permissions

1. In your app registration, go to API permissions in the left sidebar
2. Click Add a permission
3. Select Microsoft Graph
4. Select Application permissions (not Delegated)
5. Search for and add the following permissions:

6. After adding both permissions, click Grant admin consent for [Your Organization]
7. Confirm when prompted — both permissions should show a green checkmark under "Status"

Note: Admin consent is required because these are Application-level permissions. Without admin consent, the integration will not work.

Step 4 — Configure in Talos Dashboard

1. Log in to the Talos dashboard as an admin
2. Go to Settings > Email
3. Enter the following fields:

4. Click Save
5. Talos will validate the credentials by attempting to acquire a token from Azure. If successful, the integration is active.

What Talos Does with Email

Once configured, Talos uses the Microsoft Graph API to:

• Sync inbox and sent items — periodically fetches new emails using the Graph delta API for incremental sync
• Classify emails — uses AI to categorize emails by supplier, order, or topic based on your mail rules
• Send emails — sends RFQ requests, reports, and notifications from the configured sender address
• Track conversations — groups related emails by conversation thread for context

Security Notes

• Talos uses the OAuth 2.0 client credentials flow — no user login or browser redirect is involved
• The client secret is stored encrypted in Talos and is never exposed in the dashboard after saving
• Only the Mail.Read and Mail.Send permissions are used — Talos cannot access calendars, contacts, files, or other Microsoft 365 data
• You can revoke access at any time by deleting the client secret or the app registration in Azure

Troubleshooting

Step 5 — Calendar Integration

To enable calendar features, add the Calendars.ReadWrite permission to the same Azure app registration you created in Step 1.

1. Go to your app registration in Azure Portal > API permissions
2. Click Add a permission > Microsoft Graph > Application permissions
3. Search for Calendars.ReadWrite and add it
4. Search for OnlineMeetings.ReadWrite.All and add it (for creating Teams meetings)
5. Click Grant admin consent for [Your Organization]

Calendar Features

• List today's meetings — see all scheduled events for the day with times, locations, and agenda
• View attendees — see who is joining each meeting and their response status (accepted, tentative, declined)
• Create events with Teams meeting link — set isOnlineMeeting: true and onlineMeetingProvider: "teamsForBusiness" to auto-generate a Teams link
• Free/busy check — check availability across your team before scheduling new meetings

Step 6 — Microsoft Teams Integration

Add Teams permissions to enable channel messaging and team chat capabilities through Talos.

1. Go to your app registration in Azure Portal > API permissions
2. Click Add a permission > Microsoft Graph > Delegated permissions
3. Search for and add: Chat.ReadWrite, ChannelMessage.Send, Team.ReadBasic.All
4. Click Grant admin consent for [Your Organization]

Teams Features

• List joined teams — see all Teams workspaces your organization belongs to
• Read channel messages — browse conversations in any channel across your teams
• Send channel messages — post updates, alerts, and reports directly to Teams channels
• 1:1 chats — send direct messages to team members for urgent notifications

Use case: Post production updates to a "Manufacturing" channel, notify the quality team about non-conformances, or alert purchasing when stock runs low.

Step 7 — OneDrive & SharePoint Integration

Add file access permissions to browse, search, and download documents from OneDrive and SharePoint.

1. Go to your app registration in Azure Portal > API permissions
2. Click Add a permission > Microsoft Graph > Application permissions
3. Search for Files.ReadWrite.All and add it
4. Search for Sites.ReadWrite.All and add it (for SharePoint access)
5. Click Grant admin consent for [Your Organization]

OneDrive Features

• Browse personal files — navigate your OneDrive folder structure via /me/drive/root/children
• Search files — find documents by name, content, or metadata across your entire OneDrive
• Download files — retrieve production documents, drawings, and specifications
• Create sharing links — generate temporary or permanent sharing links for collaboration

SharePoint Features

• Access team sites — browse your organization's SharePoint sites and document libraries
• Shared folders — navigate shared document libraries via /sites/{siteId}/drive/root/children
• Document management — store and retrieve production documents, certificates, and supplier specs

Use case: Store production drawings in SharePoint, retrieve supplier certificates for quality audits, or share test reports with customers.

Complete Permissions Reference

The table below shows all Microsoft Graph API permissions needed for the full Microsoft 365 suite. You can add only the permissions you need — email permissions are the minimum requirement.

What You Can Ask Talos

Once your Microsoft 365 integration is configured, you can use natural language to interact with all connected services:

• "What are my meetings today?"
• "Who is joining tomorrow's meeting?"
• "Create a Teams meeting with the production team"
• "Find quality documents in SharePoint"
• "Send order confirmation email to the supplier"
• "Post an update to the production channel"

Useful Links

• Azure Portal — Azure Portal — manage app registrations and API permissions
• Microsoft Graph API Documentation — Microsoft Graph API documentation — unified API for Microsoft 365
• Microsoft Graph Explorer — Graph Explorer — interactive tool for testing Microsoft Graph API calls
• Microsoft Teams API Documentation — Microsoft Teams API documentation for chat and channel integration
• OneDrive and SharePoint API Documentation — OneDrive and SharePoint API documentation for file management