Skip to main content
Skip table of contents

Installation manual for Microsoft 365

Read this article in: Deutsch, Français, Dutch

This document show how you can install the SoSafe Phishing Report Button add-in for Outlook if you use Microsoft 365.  

Using the Phishing Report Button, all your employees can report suspicious emails as phishing attempts in their Outlook mail program. If the reported email was one of our phishing simulations, the user receives a message, that he successfully detected our phishing attempt. If the reported email is not from us, the case will be automatically forwarded to the IT department for examination. The forwarding address can be chosen freely. If you have any questions, please contact us at any time. 


One of the following servers is required:

  • Microsoft 365 for Business / Microsoft 365 for Education

  • Exchange Server 2016 (only Hybrid), Version 15.1.544.27 (CU3) or later version

Furthermore, you should have received a manifest file in XML-format (sosafe-manifest.xml), which is needed for the installation. If not, you can download it yourself in the SoSafe Manager via: "Phishing Report Button > Email Integrations > Phishing Report Button manifest".

The centralized deployment of add-ins should be enabled(see details)


After the installation is complete the button can be used in the following mail clients: 

  • Outlook 2016 (or higher) for Windows

  • Outlook 2016 (or higher) for Mac

  • Outlook Web Access (for Exchange 2016 or higher and Microsoft 365 )

  • Outlook for iOS

  • Outlook for Android

Outlook 2013 is not supported anymore.

Note: Microsoft does not fully support the use of add-ins in shared mailboxes. Further details regarding add-in support are available on this Microsoft page.


Step 1

Log on to your admin center and click on “Admin”.


Step 2

Click on “Show all” on the left sidebar and select “Settings” (1) and then “Integrated Apps” (2).

rtaImage (1).jpeg

Step 3

Click on “Upload custom apps”.

rtaImage (2).jpeg

Step 4

Select the option "Upload manifest file (.xml) from device." (1) and click on "Choose File" (2).

That will open a window, where you select the provided manifest file in the .XML-format (sosafe-manifest.xml). Then press “Open”.

rtaImage (3).jpeg

Step 5

The name of the manifest file should be visible next to the "browse" button. Press "Next". The manifest file will be processed quickly.

rtaImage (4).jpeg

Step 6

The option “Entire organization” should be selected. Click on “Next”.

rtaImage (5).jpeg

Step 7

You should now receive the following message:

rtaImage (6).jpeg

Click on “Next” and in the following window on “Finish deployment”. Wait till the installation is completed and click "Done". 

Note: After the aforementioned steps, the add-in will be provided within the next 24 hours. It is best to log off right away from your Microsoft Online Account and log back on. Check if you can find the add-in as mentioned below. Should that not be the case, check again after 24 hours.   

The Add-In Sosafe Phishing-Reporting should be visible in the overview “Integrated Apps” (c.f. Installation, Step 3):


rtaImage (7).jpeg


If you do not want to use the button anymore, you can uninstall it with three easy steps. 

Step 1

Open the overview “Integrated Apps” (c.f. Installation, Step 3). Press on the add-in “SoSafe Phishing-Reporting”.

rtaImage (8).jpeg

Step 2

A new window will open. There click on "Remove app”.

rtaImage (9).jpeg

Step 3

Click on “Yes, I'm sure I want to remove the app and associated data” (1) and afterwards on "Remove" (2).

rtaImage (10).jpeg



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.