Skip to main content

Connecting Third-Party Software to Stanford Microsoft 365

Before connecting third-party software to your Microsoft 365 account, make sure it’s university-approved — and remember, apps needing access to Stanford email aren’t permitted.

Ready to explore a new third-party application integration into the Stanford University Microsoft 365 (M365) environment? Before you dive in, make sure your software meets Stanford’s security, privacy, and compliance standards.

Here’s what you need to know:

  • All third-party apps must go through a formal review process before being used with a university M365 account.
  • Third-party apps that require access to the Stanford email system are not allowed.*
  • If you attempt to connect software that is not approved, it may be blocked or restricted.

Request a Formal Review 

The good news is you can use the same process already in place for M365 add-ins and plugins.

  • Start by visiting the M365 Add-ins and Plugins webpage for details about the review process and frequently asked questions.
  • Review the list of commonly requested software that has already been evaluated.
  • If you don’t find the app you’re looking for, submit a request to have it reviewed.

The Risks of Third-Party Apps

Third-party M365 apps are technologies that are not created or supported by Microsoft. While these apps may offer convenience and productivity benefits, they often require broad access to connected account data, which can introduce security and privacy risks.

For example, third-party applications may:

  • Lack strong security protections, making them more vulnerable to malicious attacks.
  • Access or share data in ways that do not meet university privacy or compliance requirements.
  • Introduce risks to sensitive university information stored within connected accounts.

Given these risks, Stanford thoroughly reviews each app to ensure it meets university security and privacy standards before it can be introduced into the M365 environment.

screenshot of Superhuman request window
To deliver their productivity features, third-party apps (such as Superhuman) often request broad access to data from connected accounts.

* If you’re looking for AI-assisted email and productivity features, M365 Copilot is approved for use within the Stanford M365 tenant. Applications that have not been evaluated by the university and require access to Stanford email — such as Superhuman — are not permitted. Review the GenAI Tool Evaluation Matrix for additional guidance on approved AI tools and data-use considerations.

Learn More

Share Feedback