Skip to main content

What data does Atlan store with the Microsoft Teams integration?

This FAQ answers common security and data privacy questions about the Microsoft Teams integration with Atlan, including what data is stored, what remains in Teams, and how the integration architecture ensures security.

Microsoft Teams integration overview

The Atlan Assistant app is installed at the team (channel) scope in Microsoft Teams to enable sharing Atlan assets, expanding Atlan links with context, and receiving event-driven notifications (glossary updates, announcements, workflows, playbooks) without leaving Teams. Configuration is performed by an Atlan admin, who connects the tenant and specifies which Teams channels are allowed to receive notifications. The Marketplace app supports standard channels only (not private or shared channels).

Data Atlan stores from Microsoft Teams

Atlan stores only the minimal metadata necessary to enable the integration:

  • Teams channel links that you configure during setup, so Atlan knows where to post notifications
  • Authentication tokens required to post to the configured Teams channels (stored as secrets in Atlan's infrastructure)
  • Limited user and channel mapping metadata necessary to deliver notifications to the correct channels

Data Atlan doesn't access or store from Microsoft Teams

The integration is designed for outbound collaboration only. Atlan doesn't import or crawl Teams content:

  • No Teams conversation content or message history is copied into Atlan
  • No Teams user lists or user activity streams are collected from Teams
  • No files or attachments shared in Teams are ingested by Atlan
  • No additional Teams metadata beyond what's necessary for basic connectivity and posting is retained

Linking Teams threads to Atlan assets

When you link a Teams thread to an Atlan asset, Atlan stores only the link reference so users can navigate back to Teams. The conversation content itself remains in Teams and isn't ingested into Atlan.

Integration security

The Marketplace integration uses Azure Bot Service to receive Teams events and a secure, multi-tenant integration service to route them to the correct Atlan tenant backend. Sensitive endpoints aren't publicly exposed, and Azure-to-AWS traffic is over a site-to-site VPN. Secrets (including Teams tokens) are kept in AWS Systems Manager Parameter Store. The ingress service maps Teams workspace IDs to the corresponding Atlan tenant in a lightweight database.

Supported channels

The Atlan Assistant app operates at both the team (channel) scope and DMs (personal) scope. You can configure multiple standard channels under the integration's Channels section. Private or shared channels aren't supported by the Teams app installation flow and error if selected.

Who can configure Microsoft Teams integration

Only Atlan admins can connect the tenant and manage which Teams channels are used for announcements and alerts. The Atlan Assistant can then be used within the approved channels by workspace members. End users can share Atlan links into Teams, and the bot expands the link with context (title and metadata) without exporting asset data from Atlan beyond that preview.

Compliance and data residency

The integration is post-only and reference-based: Atlan posts notifications to Teams and stores only minimal metadata (channel link, tokens, mapping) to perform that function. Teams data residency, content, and files remain in Microsoft Teams. Atlan doesn't replicate Teams content into Atlan. The integration ingress follows a segmented, private-network pattern (Azure Bot Service → VPN → AWS private load balancer → tenant backend) and uses centralized secrets management for credentials.