Skip to main content
Skip table of contents

Technical details of the Phishing Report Button

Read this article in: English, Deutsch, Dutch, French

Our Phishing Report Button add-in is based on the technologies HTML, CSS, and JavaScript and is not an old COM+ plugin. Due to the web technologies used, the add-in can also be used in OWA (Outlook on the Web) or in the mobile Outlook apps.

The application is fed into the Exchange environment via a manifest file. This contains all configurations for the display, access rights and references to the add-in host. The Microsoft REST API (onPrem Setups), Graph API or EWS (Exchange Web Services) can be used as an interface to the Exchange Server. 

Furthermore, the button first obtains a configuration package from our SoSafe server when starting.

The add-in specifically accesses the following end points:

API:                                                

getCallbackTokenAsync (with isRest flag)

To retrieve the access token

GET

/api/v2.0/me/messages/MESSAGEID 

To retrieve the email header

POST

/api/v2.0/me/sendmail

To send the email

DELETE

/api/v2.0/me/messages/MESSAGEID

To delete the email

GET

/api/v2.0/me/messages/MESSAGEID/attachments/ATTACHMENTID

To retrieve an attachment

EWS: 

getCallbackTokenAsync

makeEwsRequestAsync

Further information can be found in the official documentation from Microsoft:
https://docs.microsoft.com/en-us/office/dev/add-ins/

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.