Specify the administrators and users who can install and manage add-ins for Outlook
You can specify which administrators in your organization have permissions to install and manage add-ins for Outlook. You can also specify which users in your organization have permission to install and manage add-ins for their own use.
This is done by assigning or removing management roles specific to add-ins. There are five built-in roles you can use.
Org Marketplace Apps: Enables an administrator to install and manage add-ins that are available from the Office Store for their organization.
Org Custom Apps: Enables an administrator to install and manage custom add-ins for their organization.
My Marketplace Apps: Enables a user to install and manage Office Store add-ins for their own use.
My Custom Apps: Enables a user to install and manage custom add-ins for their own use.
My ReadWriteMailbox Apps: Enables a user to install and manage add-ins that request the ReadWriteMailbox permission level in their manifest.
By default, all administrators who have the Organization Management role group have both of the above administrative roles enabled. Also by default, end users have the above user roles enabled.
For information about add-ins, see Add-ins for Outlook.
What do you need to know before you begin?
Estimated time to complete: 5 minutes.
You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the "Role assignments" entry in the Role management permissions topic.
Access to the Office Store isn't supported for mailboxes or organizations in specific regions. If you don't see Add from the Office Store as an option in the Exchange admin center under Organization > Add-ins > New , you may be able to install an add-in for Outlook from a URL or file location. For more information, contact your service provider.
For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts for the Exchange admin center.
Assign administrators the permissions required to install and manage add-ins for your organization
Use the EAC to assign permissions to administrators
You can use the EAC to assign administrators the permissions required to install and manage add-ins that available from the Office Store for your organization. For detailed information about how to do this, see Manage role groups.
Assign users the permissions required to install and manage add-ins for their own use
Use the EAC to assign permissions to users
You can use the EAC to assign users the permissions required to view and modify custom add-ins for their own use. For detailed information about how to do this, see Manage role groups.
How do you know this worked?
To verify that you've successfully assigned permissions for a user, replace <Role Name> with the name of the role to verify, and run the following command in Exchange Online PowerShell:
Get-ManagementRoleAssignment -Role "<Role Name>" -GetEffectiveUsers
This example shows you how to verify whom you've assigned permissions to install add-ins from the Office Store for the organization.
Get-ManagementRoleAssignment -Role "Org Marketplace Apps" -GetEffectiveUsers
In the results, review the entries in the Effective Users column.
For detailed syntax and parameter information, see Get-ManagementRoleAssignment.
We'd love to hear your thoughts. Choose the type you'd like to provide:
Our feedback system is built on GitHub Issues. Read more on our blog.