What data does Atlan store with the Microsoft Teams integration?
This FAQ answers common security and data privacy questions about the Microsoft Teams integration with Atlan, including what data is stored, what remains in Teams, and how the integration architecture ensures security.
What does the Microsoft Teams integration do?
The Atlan Assistant app is installed at the team (channel) scope in Microsoft Teams to enable sharing Atlan assets, expanding Atlan links with context, and receiving event-driven notifications (glossary updates, announcements, workflows, playbooks) without leaving Teams. Configuration is performed by an Atlan admin, who connects the tenant and specifies which Teams channels are allowed to receive notifications. The Marketplace app supports standard channels only (not private or shared channels).
What data does Atlan store from Microsoft Teams?
Atlan stores only the minimal metadata necessary to enable the integration:
- Teams channel links that you configure during setup, so Atlan knows where to post notifications
- Authentication tokens required to post to the configured Teams channels (stored as secrets in Atlan's infrastructure)
- Limited user and channel mapping metadata necessary to deliver notifications to the correct channels
What data does Atlan NOT access or store from Microsoft Teams?
The integration is designed for outbound collaboration only. Atlan doesn't import or crawl Teams content:
- No Teams conversation content or message history is copied into Atlan
- No Teams user lists or user activity streams are collected from Teams
- No files or attachments shared in Teams are ingested by Atlan
- No additional Teams metadata beyond what's necessary for basic connectivity and posting is retained
What happens when you link a Teams thread to an Atlan asset?
When you link a Teams thread to an Atlan asset, Atlan stores only the link reference so users can navigate back to Teams. The conversation content itself remains in Teams and isn't ingested into Atlan.
How's the integration secured?
The Marketplace integration uses Azure Bot Service to receive Teams events and a secure, multi-tenant integration service to route them to the correct Atlan tenant backend. Sensitive endpoints aren't publicly exposed, and Azure-to-AWS traffic is over a site-to-site VPN. Secrets (including Teams tokens) are kept in AWS Systems Manager Parameter Store. The ingress service maps Teams workspace IDs to the corresponding Atlan tenant in a lightweight database.
What channels are supported by the integration?
The Atlan Assistant app operates at the team (channel) scope only and doesn't support personal chats or DMs. You can configure multiple standard channels under the integration's Channels section. Private or shared channels aren't supported by the Teams app installation flow and error if selected.
Who can configure the Microsoft Teams integration?
Only Atlan admins can connect the tenant and manage which Teams channels are used for announcements and alerts. The Atlan Assistant can then be used within the approved channels by workspace members. End users can share Atlan links into Teams, and the bot expands the link with context (title and metadata) without exporting asset data from Atlan beyond that preview.
How does this integration support compliance and data residency?
The integration is post-only and reference-based: Atlan posts notifications to Teams and stores only minimal metadata (channel link, tokens, mapping) to perform that function. Teams data residency, content, and files remain in Microsoft Teams. Atlan doesn't replicate Teams content into Atlan. The integration ingress follows a segmented, private-network pattern (Azure Bot Service → VPN → AWS private load balancer → tenant backend) and uses centralized secrets management for credentials.