# Email Security setup: Microsoft O365 ### Walkthrough Follow these steps to connect your Microsoft 365 tenant: {% stepper %} {% step %} In Stoïk Protect, go to `Email` > `Settings`. Select `Microsoft 365` and click `Confirm`. Sign in to Microsoft and accept permissions: * Sign in using an account with the necessary administrative permissions (typically a Microsoft 365 Global Administrator). * Review and accept the requested permissions. (For detailed information, see: [Which Microsoft 365 permissions are required to activate Email Security?](/email-security/email-security-setup-microsoft-o365/which-microsoft-365-permissions-are-required-to-activate-email-security.md)) * The core setup is now complete. {% endstep %} {% step %} Microsoft Purview Configuration This configuration is only required for clients with basic Microsoft 365 licenses and will only be shown within the Stoïk Protect application if the extra configuration is necessary for your environment. If you do not see the prompt, you can skip these steps. {% hint style="info" %} Note: Only perform the first step below if you are specifically prompted in the Stoïk Protect app and you have not previously configured Purview access. If access is already configured, proceed directly to Enabling Audit in Microsoft Purview. {% endhint %} {% stepper %} {% step %} Configure Microsoft Purview Access 1. Go to your [Azure Portal](https://portal.azure.com/) and sign in with an administrator account. 2. Access the `Marketplace`. 3. Search for Microsoft Purview, select it, and then click `Create`. {% endstep %} {% step %} Enabling Audit in Microsoft Purview 1. Go to [Microsoft Purview](https://purview.microsoft.com/) and sign in with an administrator account. 2. Access the `Solutions` menu, then click on `Audit`. 3. Click `Start recording user and admin activity` to enable activity recording. {% endstep %} {% endstepper %} {% endstep %} {% endstepper %} ### Monitoring Once the connection is successfully established: * View Monitored Mailboxes: Navigate to `Email` > `Mailboxes`. The list of monitored mailboxes will appear here. Historical Data Retrieval: We will automatically begin retrieving emails from the past 90 days for all monitored mailboxes, starting with the oldest messages first. This initial data retrieval process can take some time to complete. ### Multiple tenant connexion You can connect as many tenants (Microsoft 365 or Google Workspace) as you require. * Go to `Email` > `Settings`. * Click `Add a provider`. * Follow the same set-up procedure outlined in Set-up flow. {% hint style="info" %} If the users list doesn't show up more than 10 minutes after synchronization, please contact our team at to unlock the situation. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.stoik.io/email-security/email-security-setup-microsoft-o365.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.