This article provides a view of all application requests that have been rejected by the NHSmail Technical Design Authority (TDA). A justification will be provided as to the rationale behind the decision.
Please be aware that any subsequent requests for the same app will be rejected, unless it relates to a newer version.
For further information around approved/rejected NHSmail applications, the request process or application access please visit the following articles:
- Core 365 Application Catalogue (SharePoint, App Source, Teams)
- Custom and 3rd Party Applications
- ServiceNow request process for O365 stores
- Introduction to O365 Stores and Accessing Applications
- Managing Term Groups/Stores
|App Name||Justification for Rejection||Date of Rejection|
|Visio Data Visualizer||The platform is already equipped with this feature||30/11/2021|
|Google Analytics||The app is basically to capture all the SharePoint sites in the tenant and monitor their usages via Google analytics (needs integration with a google analytics account and then using google platform to morning SharePoint sites clicks/sessions/users/location etc.). This is not feasible to monitor all sites collections usage/clicks via an external google account.
This 3-4 years old app is not available in the official app store as it is developed as a project and is available on GitHub for download.
The app cannot be deployed in a site-level app catalogue.
This app requires to be deployed to all SharePoint sites via Global Catalogue so that all sites can be monitored via Google Analytics account – by configuring a Google Analytics account code in the global app deployment.
There is a Google Analytics connector available in the web parts section of SharePoint sites and can be used by users. It requires integrating a google account (with Google Analytics) to allow the connector to receive the analytics overview reports for their websites (not SharePoint sites) configured in Google Analytics.
|Metalogix Essentials||Quest Metalogix requires global tenant wide access. this cannot be provided. We have discussed with Quest and Quest have I understand been in contact. Quest Essentials we believe is the product you would be looking to use. Quest will be in contact.||22/12/2021|
|Spark email client||The application hosts data outside of the UK/EU and is non-compliant with the NHSmail guidance. Flexibits (Fantastical) servers are hosted on Google Cloud Platform in the US. In addition to this, the application has delegate permissions to EWS (Exchange Web Services) which allows the app to have the same access to mailboxes as the signed-in user.||25/01/2022|
|Cronofy (enterprise connect)||Cronofy Enterprise Connect requires granting permissions (Calendar Read/Write) that apply across the entire NHS tenant rather than using delegated permissions for individuals using the service. It also opens up data sharing to a number of platforms that as yet have not been assessed for data access and which could foreseeably extend without central oversight which would be difficult to allow.||31/01/2022|
|UiPath||The application doesn’t support multiple
organisations within a single tenant.
|Additional Add-in for 365 for TWINKLE||This application doesn’t have the required role based access control and would be granted access to all SharePoint sites on the tenant. therefore this cannot be approved.||15/03/2022|
|Fantastical||Data is held within the US and not EU or UK. The permissions couldn’t be constrained to just the individual organisation.||22/03/2022|
|Web Viewer||Application doesn’t work properly and isn’t being maintained.||29/03/2022|
|Zivver Outlook Plugin||Egress encryption is already available and provisioned for you on the nhs.net tenant. Please see https://support.nhs.net/article-categories/encryption/||12/04/2022|
|MS Whiteboard||Enabled on their devices.||29/04/2022|
|Clearooms Room Display v1.5.3||The calendars read/write all is a concern as it is app and not delegated. Opens up potential for any locked down calendars to be utilised. Potentially can be locked down to cover a group of mailboxes but not documented by the vendor. The app permissions cannot be constrained to a subset of users.||29/04/2022|
|Aternity||The app requires Application permissions level permissions for CallRecords.Read.All. That will allow the app to access Tenant level Teams usage call records. The scoping is not supported for this permission. If required, we can offer to have a follow on conversation with the suppliers.||03/05/2022|
|UiPath New York||The application doesn’t support multiple organisations within a single tenant, so it’s not scalable on the platform.||04/05/2022|
|RADAR Report Library (SPFx WebPart v1.0.0.)||The deployment of SPFx webpart for testing on the central tenant is not supported. Once the SPFx WebPart is fully developed and tested, another request can be raised for review, approval and deployment in the Global App Catalog.||09/05/2022|