Installation manual Zivver OWA add-in

Introduction

Use the Zivver Outlook Web Access Add-in to securely send and receive messages directly from Outlook Web Access (OWA). This manual describes how to install the add-in in Exchange Online (part of Microsoft Office 365). The Zivver OWA add-in is available for Exchange Online.

Technical requirements

You can install the Zivver OWA add-in in Exchange Online. To use the OWA add-in, you must meet these requirements:

  • Exchange Online
  • The users’ workstations (Windows or Mac) have the latest General Available (GA) or Stable version of one of these modern browsers installed:
    • Microsoft Edge based on Chromium
    • Google Chrome / Chromium (for Android/iOS)
    • Mozilla Firefox
    • Apple Safari (for iOS)
  • Third-party cookies are set to allowed in browser settings.
    The OWA add-in uses cookies to store settings (called localStorage).

To install the Zivver OWA add-in in Exchange Online, you must meet these requirements:

  • An Azure/Exchange admin account with:
    • Global Admin role

Installation

You can install the Zivver OWA add-in via either Microsoft 365 admin center or PowerShell. Both are explained in this manual.

Deploy and configure the Zivver OWA add-in via Microsoft 365 admin center

  1. Log in to the Microsoft 365 admin center.
  2. Click add Deploy Add-In.
  3. Click Next.
  4. Select Upload custom apps under Deploy a custom add-in.
  5. Enter https://owa-v6.zivver.com/manifest.xml as the URL of the OWA Add-in manifest file.

    Make sure to include https://, even though this is already mentioned in the user interface.
  6. Click Upload.
    A Configure add-in screen is shown.

  7. Choose which users get assigned the Zivver OWA add-in:

    • Everyone
      All users in your organization can use the add-in. Select “Everyone” to roll out the add-in to your entire organization. For example when going Live with Zivver.
    • Specific users / groups
      Only make the add-in available for specific users or groups. Select this for a pilot of when only specific users use OWA.
    • Just me
      Only makes the add-in available for your logged in admin account. Select this if you only want to test yourself.
  8. Select how the add-in is deployed to users:

    • Fixed (Default)
      Recommended. The add-in is enabled by default for assigned users, and they can’t disable the add-in.
    • Available
      Not recommended. The add-in is disabled by default, but assigned users can install the add-in when they want.
    • Optional
      The add-in is enabled by default for assigned users, but they can disable the add-in when they want.
  9. Click Deploy.

  10. Read the Microsoft notice and click Next.

  11. Click Close.
    The Zivver OWA add-in is now installed and configured for your Office 365 organization. It may take up to 24 hours for the change to be implemented in Exchange Online. See Microsoft’s documentation for more information.

  12. Continue with the steps for the admin consent

Zivver OWA add-in requires admin consent for your organization in order to work seamlessly with the Microsoft Graph API.

Prerequisites

  • Have a user mailbox with the Zivver OWA add-in deployed
    This user mailbox is required to have a Zivver account. This user mailbox is not required to admin privileges.
  • Have global administrator credentials available when performing the steps below
    Either via the user mailbox that has the OWA add-in deployed or separate administrator credentials
Always Consent on behalf of your organization.
  1. Open outlook.office.com with the user mailbox that has the Zivver OWA add-in deployed
  2. Open the Zivver OWA add-in by opening a new draft email and clicking the Zivver icon, or via Apps from the top ribbon and selecting Zivver from here
    The login proces should start, opening a flyout window from login.microsoftonline.com
  3. If you are logged in with an administrator account, then select Consent on behalf of your organization and click Accept.

    If you are logged in with a user mailbox without administrator privileges, then select Have an admin account? Sign in with that account. After you have succesfully authenticated your administrator account, you can select Consent on behalf of your organization and click Accept.
  4. Proceed with the required additional settings

If you forget to check the box at Consent on behalf of your organization, you will not get another chance. You have to do over the above steps with a different administrator account.

Required additional settings

Create an Exchange rule for Zivver messages

Set this rule must to prevent OWA from sending a Zivver message as unencrypted, regular email.

If you do not set this rule when working with the Zivver OWA add-in, then Zivver messages will be sent unsecured. This might cause a data leak.
  1. Log in to the Exchange admin center.
  2. Click mail flow in the left side pane.
  3. Select the Rules tab.
  4. Click add Add a rule > Create a new rule.
  5. Give the rule the name zivver-action: discard.
  6. Under Apply this rule if select the option The message headers … and the sub-option matches these text patterns.
  7. Click Enter text.
    specify header name opens.
  8. Enter zivver-action. Then, click Save.
  9. Click Enter words.
    specify words or phrases opens.
  10. Enter discard.
  11. Click Add.
  12. Click Save.
  13. Under Do the following the option Block the message, and the sub-option delete the message without notifying anyone.
  14. Click Next.
    _Set rule settings opens.
  15. Set the Rule mode to Enforce.
  16. Set Severity to Low.
  17. Select Stop processing more rules.
  18. Set Match sender address in message to Header.
  19. Click Next. Then, click Finish.
  20. Wait a few seconds. Then, click Done.
    Now you can set the priority.
  21. Select the new rule.
  22. Enable the rule.
  23. Click Edit.
    Zivver-action:discard opens
  24. Click Settings.
  25. Set the priority of the zivver-action:discard rule to 0
    A mail flow rule has now been created that prevents Zivver messages from being sent as unencrypted, regular email.
  26. Click Save. Then, click Done.

Internet Explorer security zone

For Windows users only.

Add these locations to the Trusted sites zone of Internet Explorer. This prevents a white screen during logging into the OWA add-in.

  1. Open the control panel.
  2. Click Network and Internet.
  3. Click Internet Options.
  4. Click the Security tab.
  5. Click Trusted websites.
  6. Click the Websites button.
  7. Add these URLs as trusted websites:
    • Zivver OWA add-in: https://owa-v6.zivver.com
    • Zivver web app: https://app.zivver.com
    • OWA: https://outlook.office.com
  8. Click Close.
  9. Click OK.

MacOS Safari privacy settings

For MacOS users only.

  1. At Settings > Privacy make sure “Prevent cross-site tracking” is unchecked.
  2. At Settings > Privacy make sure “Block all cookies” is unchecked.
  3. At Websites > Pop-up windows make sure “outlook.office.com” is allowed.

Verify the installation was successful

It may take up to 24 hours for the above changes to be implemented in Exchange Online. If you can’t verify that the installation is successful within 24 hours after installation, please try again the next day.
  1. Click New to create a new message.
  2. Set up a message as usual with a recipient, subject and body.
  3. Click on the three dots in the Outlook toolbar at the top of your screen.
  4. Click the Zivver link in the menu.
    The Zivver side panel opens on the right side.
  5. Log in to Zivver if you are not logged in automatically.
  6. Turn on Secure mail.
  7. Click Recipient verification.
    A new screen listing all recipients opens.
  8. Complete the recipient verification where necessary.
    Learn more about Recipient verification
  9. Click Apply.
  10. Click Send to send the message.
    A Zivver pop-up can show to check the email and attachments on sensitive information.
  11. Verify in the recipients’ inbox that a Zivver message has been received and no unencrypted, regular email has been received.
    You have now verified the installation was successful.
Also send a unencrypted, regular email to verify the regular email flow works as intended.

Turn off the OWA add-in in Outlook

If your users work with both OWA and Outlook for desktop, then they may see a Zivver button in the Outlook ribbon caused by the OWA add-in. This button has no functionality and having the OWA add-in in Outlook can be confusing for users. Therefore we recommend to disable the OWA add-in button in the Outlook ribbon. Follow the instructions in our manual to disable the OWA add-in in Outlook.

Remove the Zivver OWA Add-in from Microsoft 365 admin center

If you want to remove the Zivver add-in, follow these steps to uninstall it from the Exchange admin center.

  1. Log in to the Microsoft 365 admin center.
  2. Select Zivver.
    The Zivver Add-in screen appears in a right side pane.
  3. Scroll down on the Zivver side pane and click Delete add-in at the bottom of the side pane.
  4. Confirm by clicking Delete. The Zivver OWA add-in has now been removed.

Remove the Zivver Exchange rule

Do these steps to remove the Zivver Exchange rule from the Exchange admin center.

  1. Log in to the Exchange admin center.
  2. Click mail flow in the left side pane.
  3. Select the Rules tab.
  4. Select the mail flow rule zivver-action:discard.
  5. Delete the rule delete .

Was this article helpful?

thumb_up thumb_down