Allowlisting
      Back to home
      1. Help Center
      2. Getting Started
      3. Allowlisting

      Microsoft: Automated Allowlisting Guide

      This article will walk through what the Automated Allowlisting integration does and how to enable it.

      Microsoft Automated Allowlisting

      Automated allowlisting performs all the steps for you, listed in manual allowlisting, with a single button press. Follow these instructions to enable automated allowlisting at the company level.

      1. Navigate to Company > Integrations > Microsoft Automated Allowlisting
      2. Click Continue to Microsoft (After reviewing the necessary permissions)
      3. Log in to Microsoft and grant consent for the integration, and you will be navigated back to the Phin.
      4. Once the verification step is done, the integration will begin the allowlisting procedure immediately, pushing the most up-to-date sending IPs, sending domains, and simulated URLs into the following places in Microsoft Defender:
        1. Email & Collaboration > Policies & Rules > Threat Policies > Advanced Delivery > Phishing Simulation.
        2. Email & Collaboration > Policies & Rules > Threat Policies > Anti-Spam Policies > Connection Filter Policy
      5. Automated Allowlisting should take no more than a couple of minutes per company and can be done simultaneously in new tabs (you don't have to wait for one company to finish before proceeding to the next).
      6. Once the allowlist service is done, you'll receive either a success or a failure message. A success message will be accompanied by an output of what was updated.
        1. Success: If everything returns as successful, we recommend navigating to the 2 locations listed above and confirming that you see the injected sending IPs, domains, and simulated URLs listed. If you do not see them, please disconnect and re-attempt automated allowlisting or submit a ticket to the Phin support team.
        1. If you receive an error message, please disconnect and re-attempt automated allowlisting, as this typically resolves the issue. If you experience repeated failed attempts, please submit a ticket to the Phin support team.

      ⭐ IMPORTANT NOTES:

      • If additions are made to automated allowlisting (ex, added domains, URLs, rules), they will be auto-synced with the connected Microsoft environments, removing the need to re-run the integration once enabled
      • Check out the Financial Warning Mail Flow Rulewhich can automatically create a rule to add a warning banner to emails that feature specific keywords
      • If someone is added as an admin to Phin, connects this integration, and then is removed from Phin, the integration will continue to work
      • If you are using third-party software such as INKY, Barracuda, and others, you may need to add our IPs, domains, and simulated URLs to those platforms
      • Graph API delivery: Configure Phin's Graph API Mail Delivery integration that delivers emails directly to employees' Microsoft Outlook Inboxes.