Office 365 Add-on (OWA Reporting Button) Installation Guide

This article explains how to deploy IRONSCALES Report Phishing button to your organization's mailboxes. For a 1-minute video covering this process, scroll down to the bottom.

IRONSCALES OWA (Outlook Web Access) is a Report Phishing Outlook add-on that enables your employees to report suspicious emails directly from their email application to your IRONSCALES Dashboards. You can install the IRONSCALES OWA add-on for a specific user (Outlook profile) or distribute it to your entire organization. Once installed in a user’s mailbox, the IRONSCALES OWA add-on is displayed in all supported email platforms.

Whenever a suspicious email is reported by one or more of your employees, IRONSCALES opens an incident in your Incidents. Based on your IRONSCALES package, once the incident is marked as a phishing attack, IRONSCALES will trigger an automatic remediation action (available for Remediator, Collaborator, and Disruptor).

OWA add-on for Outlook users:

The Report Phishing button is not supported for shared mailboxes in a Microsoft Exchange integration with IRONSCALES

OWA add-on for Outlook Web Access:

Outlook for Android / iOS:

The IRONSCALES OWA Reporting Button is based on Microsoft's OWA Technology.

For full compatibility, including client and server requirements, please refer to the following link:

How Does OWA Work?

The add-on file is an XML file that describes the properties of the add-on. This file is installed on your Exchange server or on your Office 365 suite.

Supported clients

The following clients support the IRONSCALES OWA:

  • Outlook for Windows (2013 or later)
  • Outlook for Mac (2016 or later)
  • Outlook for iOS
  • Outlook for Android
  • Outlook Web Access for Exchange 2013 or later
  • Outlook Web Access for Office 365


  • Office 365 Integration Guide
  • The client must be connected to an Exchange Server or to Office 365, using a direct connection.
  • For Outlook Clients, Internet Explorer 11 or later must be installed, but this does not have to be the default browser
  • Due to Microsoft's OWA Add-on limitations, shared mailboxes cannot use the Report Phishing button via their Outlook app. Instead, emails from shared mailboxes can be reported via the company's 911 mailbox.
  • While configuring the client, make sure to set the Account Type to Exchange, Office 365 or Any configuration of POP3 or IMAP will not load the IRONSCALES OWA.
  • On-Premise: The IRONSCALES On-Premise Installation includes both the IRONSCALES add-on files and Report endpoint, served over HTTPS encrypted tunnel via TCP port 443.
  • SaaS: IRONSCALES SaaS Installation uses the following servers:

Bulk OWA Deployment

  1. Download Report Phishing Add-on (OWA - Office 365) file from IRONSCALES Resources. (Admin or MSSP)
  2. Go to Microsoft 365 Admin Center > Admin > Settings> Integrated apps.
  3. Click Add-ins.
  4. Select Upload custom apps > Choose File and open the Report Phishing Add-on (OWA - Office 365) file you previously downloaded.
  5. Click Upload.
    The Configure add-in pane is displayed.
  6. Select the users to distribute the Report Phishing button to.
    • Everyone: All users in your organization.
    • Specific users / groups: (Recommended) Specify specific users/mailboxes and/or Outlook groups.
    • Just me
  7. Choose your preferred Deployment Method:
    • Fixed (default)
      The add-in is automatically deployed to the assigned users and they will not be able to remove it from their ribbon.
    • Available
      The add-in is not deployed but will be available for assigned users to install even when general user access to the Store is disabled. Users may install this add-on by clicking the Get More add-ins button on the home ribbon in Outlook.
    • Optional
      The add-on is automatically deployed to the assigned users but they can choose to remove it from their ribbon.
  8. Click Deploy. 
  9. When the operation completes, close the confirmation pane and refresh the Add-ins page.
    The add-on is now displayed in the add-ins list and will be available for all assigned users.

Important Note!

By distributing OWA and setting it as Mandatory, it will automatically create a user as an active mailbox in the Mailboxes tab once the user reports an email using the OWA button. 

This should NOT replace the proper sync of your profiles according to the Profiles Upload process.


Your IRONSCALES OWA add-on is now available on all your end-users workstations
In some cases, it can take up to 24 hours for the OWA reporting button to appear.

Single OWA Installation

  1. Download the Report Phishing Add-on (OWA - Office 365) file from IRONSCALES Resources. (Admin or MSSP Access)
  2. From Outlook: Go to File > Manage Add-insmceclip10.png
    Outlook Web Access opens, displaying the Add-Ins for Outlook window.
  3. Select My add-ins > + Add a custom add-in > Add from File.
  4. Open the Report Phishing Add-on (OWA - Office 365) file you previously downloaded. 
  5. In the Warning popup, click Install.
  6. Restart Outlook
Your IRONSCALES OWA add-on is now available in Outlook! In some cases, it can take up to 24 hours for the OWA reporting button to appear.
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us