Skip to main content
When the first user in an organization attempts to connect their Outlook account to Athena, the process may require admin approval, depending on the organization’s Azure setup. Below is a step-by-step guide outlining the process:
1

Requesting Admin Approval

When the first user attempts to connect their Outlook account, they may receive a prompt to request admin approval. This is a security measure managed through Azure.
2

Notification to Org Admins

Upon requesting approval, an automated email is sent to the organization’s admin(s). This email contains instructions for granting the necessary permissions.
3

Admin Approval

  • Once the admin receives the email, they can review and approve the request.
  • After the admin approves, the user will receive an email notification confirming their approval.
4

Completing the Setup

The user can return to the Athena settings page and retry adding their Outlook account to complete the setup.

Additional Notes for Admins:

  • “Approve for Entire Company” Option: If an admin connects their own email during this process, they will be presented with an option to “Approve for Entire Company.” Selecting this option grants approval for all users in the organization and eliminates the need for subsequent users to request individual permissions.
  • Potential Delays: In some cases, the admin may not respond to the automated email or may face challenges, such as not remembering their Azure password. If this occurs, users should follow up with their admin to expedite the process.

Security Considerations

The Outlook connection process is designed with enterprise security in mind:
  • Per-user authorization: Each user must individually authorize Athena to access their Outlook account. Athena cannot access any user’s mailbox without their explicit consent — even if an admin has approved the app for the organization.
  • Admin consent controls scope, not access: When an admin selects “Approve for Entire Company,” this only removes the approval prompt for individual users — it does not grant Athena automatic access to anyone’s mailbox. Each user must still individually connect their own account.
  • Azure AD governance: Organizations retain full control through Azure AD. Admins can revoke the app registration at any time from the Azure Portal, immediately cutting off access for all users.
  • Workspace owner restrictions: Athena workspace owners can disable email connectivity for the entire workspace, preventing any member from connecting their Outlook account regardless of Azure AD settings.
For more details on how Athena handles email privacy and workspace-level controls, see Email Integration with Athena.