Integrate a new Microsoft Teams source (private beta)
For now, only real-time scanning is supported. All detectors are supported, with the exception of these 2 generic detectors, in order to limit the risk of false positives:
Setting up and configuring this integration is limited to users with an Owner or Manager access level. Microsoft Teams tenant installation is only open to workspaces under the Business plan, but uninstallation is open to all. Alternatively, you can install and test secret detection in Microsoft Teams with a 30-day trial. Any secret incidents created during this period will remain accessible in your incident dashboard after the trial period.
GitGuardian integrates natively with Microsoft Teams via an Entra app that you can install on your Microsoft Teams tenants. Note that the GitGuardian Entra app only has read access to your channels.
Setup your Microsoft Teams integration
You can install GitGuardian on multiple Microsoft Teams tenants to monitor your standard, private and shared channels.
- Make sure you're logged as administrator in the Microsoft Teams tenant you want to install
- In the GitGuardian platform, navigate to the Sources integration page
- Click on the Install button next to Microsoft Teams in the Messaging section
- Click on the Install button of the Microsoft Teams integration page
- Select your Microsoft Teams administrator account
- Click on the Accept button to accept the permissions requested by GitGuardian
That's it! Our GitGuardian Entra app is now automatically installed on your Microsoft Teams tenant. It will now start monitoring all posts shared on your standard, private and shared channels for secrets.
Uninstall your Microsoft Teams tenant
To uninstall a Microsoft Teams tenant:
- In the GitGuardian platform, navigate to the Sources integration page
- Click on the Edit button next to Microsoft Teams in the Messaging section
- Click on the bin icon next to the Microsoft Teams tenant to be uninstalled
- Confirm by clicking on the Yes, uninstall button in the confirmation modal
That's it! Your Microsoft Teams tenant is now uninstalled and the associated secret incidents remain visible in the incident dashboard.
Limitations
The Microsoft Teams integration is currently available in private beta and has a number of limitations:
- Once integration has been completed, real-time secret detection is not immediately activated on all channels. The channel integration process continues in the background and may take some time, depending on the size of your Microsoft Teams. Integration progress is visible from the Microsoft Teams integration page.
- The number of channels that can be included in the monitored perimeter depends on the number of subscriptions authorized by your Azure tenant. In any case, there is a hard limit of 10,000 channels that can be monitored. This limit may be lower, depending on the number of subscriptions already consumed by third-party applications. If your Microsoft Teams has too many channels, your monitoring will be partial. We prioritize the integration of standard channels, followed by private channels, then shared channels.
- The monitored perimeter is not yet available from the Perimeter page. The list of monitored channels will be integrated in the near future, allowing you to see the full perimeter of monitored channels in the event of partial monitoring.
Privacy
Country-specific laws and regulations may require you to inform your Microsoft Teams users that your channels are being scanned for secrets. Here is a suggestion for a message you may want to use:
As part of our internal information security process, the company scans the Microsoft Teams channels for potential secrets leaks using GitGuardian. All data collected will be processed for the purpose of detecting potential leaks. To find out more about how we manage your personal data and to exercise your rights, please refer to our employee/partner privacy notice. Please note that only channels relating to the company’s activity and business may be monitored and that users shall refrain from sharing personal or sensitive data not relevant to the channel’s purpose.
