Microsoft 365 setup

Connecting Trace to your Microsoft 365

A short, reversible setup that lets Trace read the transcripts of the meetings you choose — nothing more. Here is what it does, why it is safe, and how to undo it.

about 20 minutesone administratorno bots, no recordingreversible in one click

Trace turns your engagement’s meetings into a searchable base of evidence — every finding tied to the exact words someone said, with a citation you can click straight back to. To do that it reads the transcripts Microsoft Teams already produces. This setup happens inside your own Microsoft directory, where you keep every control.

What Trace can and cannot see

The whole security story on one screen, before any steps.

What it can read

  • Transcripts of Teams meetings — only for the specific people you list
  • Meeting titles and times, to file each transcript correctly
  • That a cloud recording exists (its metadata)

What it cannot do

  • Join or sit in on meetings — there is no bot in the room
  • Read meetings of anyone not on your list
  • Open your SharePoint, email, or files
  • Change, move, or delete anything in your tenant

What you control

  • Exactly whose meetings are in scope
  • Whether transcription is on at all
  • Instant off — disable the app or the policy
  • Full visibility of every grant in your admin portal

The one idea that makes this safe

Reading transcripts needs a Microsoft permission that, on its own, sounds broad. So Microsoft pairs it with a second lock that you set: a policy naming precisely whose meetings the app may read. Both locks must agree. Grant the permission but name no one, and Trace can read nothing.

Capture is also native to Microsoft. Trace never places a bot or recorder in your calls. It reads the transcript Teams itself generates when a participant turns transcription on — with Microsoft’s own on-screen banner shown to everyone in the meeting.

Why this matters

You are not opening a door to “all meetings.” You are handing Trace a labelled key that only fits the meetings of the people you explicitly list — and you hold the master switch.

How the setup works

Your administrator does three things. Everything else happens on the Trace side.

1

Turn on meeting transcription

~5 min

A single Microsoft setting, so Teams produces a transcript to read. Your admin can also let the setup tool do this automatically.

2

Run the guided setup

~10 min

One audited tool creates the connection, requests only the permissions listed on the technical page, records your approval, and names whose meetings are in scope — with nothing installed on anyone’s computer.

3

Send three values to Trace

~2 min

The tool prints three identifiers to hand back over a secure channel. That is the last thing needed from you — Trace does the rest and tells you when it’s live.

Where your data goes

When Trace reads a transcript, it uses a top-tier AI model under a strict Zero-Data-Retention arrangement: your content is never used to train any model and is not retained by the AI provider. The evidence base itself is stored in Canada. Trace’s promise is provenance, not paraphrase — every claim keeps the speaker’s exact words and a link straight back to the source, so anything it tells you is auditable.

No cost on the Microsoft side

The transcript APIs are not metered by Microsoft, so there is no Azure billing to set up.

Common questions

Can Trace read every meeting in our organization?+
No. The policy you set is the real limit — Trace can only read meetings organized by the specific people you list. Everyone else is invisible to it.
Does Trace record or listen to our calls?+
No. There is no bot and no recorder. Trace only reads the transcript Teams itself creates when someone turns transcription on — and Teams banners every participant when that happens.
Can Trace change or delete anything in our environment?+
No. Every permission it holds is read-only. It cannot write to, move, or delete anything in your tenant.
What about SharePoint and email?+
Email isn’t part of this at all. SharePoint starts at zero access and stays there until you deliberately grant one specific site.

Ready for your IT administrator?

The technical page has the exact commands, the full permission list, and a manual click-through.

See the technical setup →

Back to sign in