Technical details of the Phishing Report Button
Our Phishing Report Button add-in is built with the web technologies HTML, CSS, and JavaScript; it is not an old COM+ plugin. Because it uses web technologies, the add-in can also be used in OWA (Outlook on the Web) and in the mobile Outlook apps.
The add-in is deployed to the Exchange environment via a manifest file, which contains all configuration for the display, the access rights, and the references to the add-in host. The Microsoft REST API (on-premises setups), the Graph API, or EWS (Exchange Web Services) can be used as the interface to the Exchange Server.
In addition, when it starts, the button first obtains a configuration package from our SoSafe server.
Host of the add-in: https://reporter.sosafe.de
API-URL-SoSafe: https://api.sosafe.de/v1
The add-in specifically accesses the following endpoints:
API:
getCallbackTokenAsync (with isRest flag) | To retrieve the access token |
GET | /api/v2.0/me/messages/MESSAGEID | To retrieve the email header |
POST | /api/v2.0/me/sendmail | To send the email |
DELETE | /api/v2.0/me/messages/MESSAGEID | To delete the email |
GET | /api/v2.0/me/messages/MESSAGEID/attachments/ATTACHMENTID | To retrieve an attachment |
EWS:
getCallbackTokenAsync
makeEwsRequestAsync
Further information can be found in the official documentation from Microsoft:
https://docs.microsoft.com/en-us/office/dev/add-ins/