Check Claude's Microsoft 365 Write Tools Before You Let It Send Mail
Claude's Microsoft 365 connector now supports write actions for Outlook, Calendar, OneDrive, and SharePoint. Admins should verify consent, send behavior, and data controls before enabling it broadly.
Claude's Microsoft 365 connector now supports write actions. Confidence level: confirmed. Anthropic's July 7, 2026 release notes say Claude can draft, send, and organize email, manage calendar events, update mailbox settings, and create or update files in OneDrive and SharePoint when write tools are enabled.
The practical question is not whether the feature exists. It is whether your tenant, consent flow, send policy, and audit process are ready for an AI agent that can act through Microsoft Graph in a user's name.
What changed
Anthropic moved the Microsoft 365 connector beyond search. Before this update, the connector was mainly a retrieval layer for Outlook, SharePoint, OneDrive, Teams, and calendar context. With write tools enabled, Claude can perform actions in Microsoft 365 instead of only reading from it.
The rollout is gated. Anthropic says a Microsoft Entra administrator must consent to the expanded permission set, and an admin must enable the tools for the organization before members can use them. Teams remains read-only, according to the release notes.
| Surface | New write capability | Admin check | Caveat |
|---|---|---|---|
| Outlook | Draft, send, and organize email | Confirm Mail.Send and mailbox permissions | Test whether your workflow requires explicit draft-only instructions |
| Calendar | Create, update, and manage events | Review calendar write permissions | Meeting changes can affect other people quickly |
| OneDrive | Create and update files | Check file write scope and DLP policy behavior | User permissions still define what Claude can reach |
| SharePoint | Create and update files | Review tenant-wide search and file write exposure | Site-specific search allowlisting is not documented |
| Teams | Read and search context | Keep read-only expectations clear | Anthropic says Teams remains read-only |
Why this is early
This is a fresh productivity-agent change, not a leaked model name. Anthropic's own Claude release notes list the Microsoft 365 write tools under July 7, 2026, while the connector security guide was updated this week with tenant, delegated-permission, and access-control details.
FindSkill published a detailed independent analysis focused on the Outlook and admin-risk angle. That source is useful context, but the publishable claim rests on Anthropic's documentation.
Key takeaways
- Claude's Microsoft 365 connector can now write to email, calendar, mailbox settings, OneDrive, and SharePoint when enabled.
- The feature requires Microsoft Entra admin consent plus an organization-side enablement step.
- Teams remains read-only in Anthropic's release notes.
- The connector uses delegated permissions, so Claude acts within the user's existing Microsoft 365 access.
- Admins should test draft-only, send, DLP, audit, and revocation behavior before broad rollout.
Availability and access
Anthropic's security guide says the Microsoft 365 connector is available on all Claude plans: Free, Pro, Max, Team, and Enterprise. That does not mean write tools are automatically active for every user. Organization-level gating, Entra consent, and per-account enablement matter.
For Team and Enterprise plans, owners must enable the connector in Claude organization settings, and a Microsoft Entra Global Administrator must complete consent before team members can connect. People also need Microsoft 365 accounts tied to an Entra tenant; personal Microsoft accounts are not the expected path for this enterprise connector flow.
Pricing is not the main unknown here. The missing operational details are more important: how your tenant logs agent-initiated actions, how your approval norms handle Mail.Send, whether DLP blocks the right paths, and whether your staff know when Claude is drafting versus sending.
Practical LinkLoot angle
Treat this as an admin rollout, not a fun inbox trick. A safe first test is a small pilot group with low-risk mailboxes, explicit draft-only tasks, calendar sandbox checks, and OneDrive/SharePoint folders that contain no sensitive customer or finance material.
Use LinkLoot's AI workflow automation guide when you turn this into a repeatable workflow. The useful pattern is clear: Claude can prepare client follow-ups, calendar changes, and file updates from Microsoft 365 context. The risky pattern is also clear: the same permissions can move from assistance to action faster than users expect.
Checklist before enabling:
- Confirm which Microsoft Graph permissions are granted during Entra consent.
- Decide whether email send actions are allowed, draft-only, or blocked.
- Verify DLP, retention, eDiscovery, and audit logs for agent-initiated actions.
- Test revocation from both Claude organization settings and Microsoft Entra.
- Document which teams may use write tools and which workflows stay read-only.
What to verify before you act
Check the Claude release notes and the Microsoft 365 connector setup docs before changing tenant policy. The release-note entry confirms the product change, but your exact controls depend on your Claude plan, Entra setup, conditional-access rules, and internal compliance requirements.
Run a real send-path test before giving this to sales, support, or finance teams. Ask Claude to draft but not send, inspect the draft location, then test a controlled send to an internal mailbox. Review the message headers, audit trail, and retention record.
Do not assume SharePoint search is narrow unless your admin has verified it. Anthropic's security guide says users cannot bypass their own Microsoft 365 permissions, but it also notes tenant-wide SharePoint search behavior rather than site-specific allowlisting.
Source check
Confirmed by: Anthropic's Claude release notes list Microsoft 365 connector write tools on July 7, 2026 and name email, calendar, mailbox settings, OneDrive, SharePoint, Entra consent, admin enablement, and Teams read-only status. Anthropic's Microsoft 365 connector security guide confirms delegated permissions, Entra tenant requirements, organization gating, access controls, and token-management details.
Early signal / context: FindSkill adds independent practical analysis around Outlook send behavior, draft expectations, attachment limits, and admin risk. LinkLoot will treat future Anthropic setup-doc changes, Microsoft Graph permission changes, or explicit send-confirmation guarantees as update triggers.
Yes, if Microsoft 365 connector write tools are enabled and the required admin consent is in place. Anthropic's release notes say Claude can draft, send, and organize email.
