[Outlook] Refresh low engagement articles (#5235)

* Refresh low engagement articles

* Apply suggestion from review

Co-authored-by: Elizabeth Samuel <[email protected]>

---------

Co-authored-by: Elizabeth Samuel <[email protected]>

Author: samantharamon

.openpublishing.redirection.json

@@ -1317,6 +1317,10 @@
         {
             "source_path": "docs/outlook/item-data.md",
             "redirect_url": "/javascript/api/requirement-sets/outlook/outlook-api-requirement-sets"
+        },
+        {
+            "source_path": "docs/outlook/privacy-and-security.md",
+            "redirect_url": "/office/dev/add-ins/concepts/privacy-and-security"
         }
     ]
 }

docs/concepts/privacy-and-security.md

@@ -1,7 +1,7 @@
 ---
 title: Privacy and security for Office Add-ins
 description: Learn about the privacy and security aspects of the Office Add-ins platform.
-ms.date: 02/12/2025
+ms.date: 06/17/2025
 ms.localizationpriority: medium
 ---
 
@@ -66,10 +66,23 @@ You can make your Office Add-ins available to the public by publishing them to A
 
 End users and IT admins can turn off [optional connected experiences in Office](/deployoffice/privacy/optional-connected-experiences) desktop and mobile clients. For Office Add-ins, the impact of disabling the **Optional connected experiences** setting is that users can no longer access add-ins or the Microsoft 365 and Copilot store through these clients. However, certain Microsoft add-ins that are considered essential or business-critical, and add-ins deployed by an organization's IT admin through [Centralized Deployment](/microsoft-365/admin/manage/centralized-deployment-of-add-ins) will still be available. Additionally, add-ins and the Microsoft 365 and Copilot store remain available in Outlook on the web, regardless of the status of the setting.
 
-For more about Outlook-specific behavior, see [Privacy, permissions, and security for Outlook add-ins](../outlook/privacy-and-security.md#optional-connected-experiences).
-
 Note that if an IT admin disables the [use of connected experiences in Office](/deployoffice/privacy/manage-privacy-controls#policy-setting-for-most-connected-experiences), it has the same effect on add-ins as turning off just optional connected experiences.
 
+### Optional connected experiences in Outlook
+
+The following table describes the availability of add-ins on Outlook clients when optional connected experiences is turned off.
+
+|Client|Behavior when optional connected experiences is turned off|
+|-----|-----|
+|<ul><li>Web browser</li><li>[new Outlook on Windows](https://support.microsoft.com/office/656bb8d9-5a60-49b2-a98b-ba7822bc7627)</li></ul>|Availability of add-ins and access to AppSource are unaffected, so users can continue to [manage their add-ins](https://support.microsoft.com/office/1ee261f9-49bf-4ba6-b3e2-2ba7bcab64c8), including admin-deployed ones.|
+|<ul><li>Windows (classic)<sup>1</sup></li><li>Mac</li></ul>|The **All Apps**<sup>2</sup> or **Get Add-ins** button isn't displayed, so users aren't able to manage their add-ins or access AppSource.|
+|<ul><li>Android</li><li>iOS</li></ul>|The **Get Add-ins** dialog shows only admin-deployed add-ins.|
+
+> [!NOTE]
+> <sup>1</sup> On Windows, support for this experience is available from Version 2008 (Build 13127.20296). For more details on your client version, see the update history page for [Microsoft 365](/officeupdates/update-history-office365-proplus-by-date) and how to [find your Office client version and update channel](https://support.microsoft.com/office/932788b8-a3ce-44bf-bb09-e334518b8b19).<br>
+>
+> <sup>2</sup> Starting in classic Outlook on Windows Version 2303 (Build 16215.10000), the **All Apps** button is used to manage add-ins and access AppSource.
+
 ## Addressing end users' privacy concerns
 
 This section describes the protection offered by the Office Add-ins platform from the customer's (end user's) perspective, and provides guidelines for how to support users' expectations and how to securely handle users' personally identifiable information (PII).
@@ -109,7 +122,31 @@ The add-in platform addresses end users' privacy concerns in the following ways.
 
   - Running in a web browser control allows the add-in to do almost anything a regular web page running in a browser can do but, at the same time, restricts the add-in to observe the same-origin policy for domain isolation and security zones.
 
-Outlook add-ins provide additional security and performance features through Outlook add-in specific resource usage monitoring. For more information, see [Privacy, permissions, and security for Outlook add-ins](../outlook/privacy-and-security.md).
+#### End users' perspective in Outlook
+
+The following points address end users' privacy concerns specific to Outlook.
+
+- End user's messages that are protected by Outlook's Information Rights Management (IRM) won't interact with add-ins in the following instances.
+
+  - When the IRM-protected message is accessed from Outlook on mobile devices.
+
+  - When the IRM-protected message contains a sensitivity label with the **Allow programmatic access** custom policy option set to `false`.
+
+  For more information on IRM support in add-ins, see [Mail items protected by IRM](../outlook/outlook-add-ins-overview.md#mail-items-protected-by-irm).
+
+- Granting the **restricted** permission allows the Outlook add-in to have limited access on only the current item. Granting the **read item** permission allows the Outlook add-in to access personal identifiable information, such as sender and recipient names and email addresses, on only the current item. For more information on Outlook add-in permissions, see [Understanding Outlook add-in permissions](../outlook/understanding-outlook-add-in-permissions.md).
+
+- Manifest files of installed Outlook add-ins are secured in the user's email account.
+
+- Outlook on Windows (classic) and on Mac monitor the performance of installed Outlook add-ins, exercise governance control, and make add-ins unavailable when they exceed limits in the following areas.
+
+  - Response time to activate
+
+  - Number of failures to activate or reactivate
+
+  - Memory usage
+
+  - CPU usage
 
 ### Developer guidelines to handle PII
 
@@ -178,11 +215,7 @@ The following example shows how a task pane add-in specifies the **read document
 
 For more information about permissions for task pane and content add-ins, see [Requesting permissions for API use in add-ins](../develop/requesting-permissions-for-api-use-in-content-and-task-pane-add-ins.md).
 
-For more information about permissions for Outlook add-ins, see the following topics.
-
-- [Privacy, permissions, and security for Outlook add-ins](../outlook/privacy-and-security.md)
-
-- [Understanding Outlook add-in permissions](../outlook/understanding-outlook-add-in-permissions.md)
+For more information about permissions for Outlook add-ins, see [Understanding Outlook add-in permissions](../outlook/understanding-outlook-add-in-permissions.md).
 
 ### Follow the same-origin policy
 
@@ -306,10 +339,11 @@ The management and enforcement of Office settings is done with group policy sett
 | Block Web Add-ins | Allows you to prevent users from running Office Add-ins that use web technologies. |
 | Block the Office Store |  Allows you to prevent users from getting or running Office Add-ins that come from [AppSource](https://appsource.microsoft.com). |
 
+To specify permissions to install and manage Outlook add-ins in an organization that uses Exchange Online, configure administrative and user roles in the Exchange admin center. For more information, see [Specify the administrators and users who can install and manage add-ins for Outlook in Exchange Online](/exchange/clients-and-mobile-in-exchange-online/add-ins-for-outlook/specify-who-can-install-and-manage-add-ins).
+
 ## See also
 
 - [Requesting permissions for API use in add-ins](../develop/requesting-permissions-for-api-use-in-content-and-task-pane-add-ins.md)
-- [Privacy, permissions, and security for Outlook add-ins](../outlook/privacy-and-security.md)
 - [Understanding Outlook add-in permissions](../outlook/understanding-outlook-add-in-permissions.md)
 - [Limits for activation and JavaScript API for Outlook add-ins](../outlook/limits-for-activation-and-javascript-api-for-outlook-add-ins.md)
 - [Addressing same-origin policy limitations in Office Add-ins](../develop/addressing-same-origin-policy-limitations.md)

docs/develop/requesting-permissions-for-api-use-in-content-and-task-pane-add-ins.md

@@ -1,7 +1,7 @@
 ---
 title: Requesting permissions for API use in add-ins
 description: Learn about different permission levels to declare in the manifest of an add-in to specify the level of JavaScript API access.
-ms.date: 02/12/2025
+ms.date: 06/17/2025
 ms.localizationpriority: medium
 ---
 
@@ -10,13 +10,12 @@ ms.localizationpriority: medium
 This article describes the different permission levels that you declare in your add-in's manifest to specify the level of JavaScript API access your add-in requires for its features.
 
 > [!IMPORTANT]
-> This article applies to only non-Outlook add-ins. To learn about permission levels for Outlook add-ins, see [Outlook permissions model](../outlook/privacy-and-security.md#permissions-model).
+> This article applies to only non-Outlook add-ins. To learn about permission levels for Outlook add-ins, see [Understanding Outlook add-in permissions](../outlook/understanding-outlook-add-in-permissions.md).
 
 ## Permissions model
 
 A five-level JavaScript API access-permissions model provides the basis for privacy and security for users of your add-ins. The following figure shows the five levels of API permissions you can declare in your add-in's manifest.
 
-
 ![Levels of permissions for add-ins.](../images/office15-app-sdk-task-pane-app-permission.png)
 
 These permissions specify the subset of the API that the add-in [runtime](../testing/runtimes.md) allows your add-in to use when a user inserts, and then activates (trusts) your add-in. To declare the permission level your add-in requires, specify one of the permission values in the manifest. The markup varies depending on the type of manifest.

docs/includes/outlook-permission-levels-table.md

@@ -1,7 +1,7 @@
 ---
 title: Get and set the recurrence of appointments
 description: This topic shows you how to use the Office JavaScript API to get and set various recurrence properties of an appointment using an Outlook add-in.
-ms.date: 05/30/2024
+ms.date: 06/17/2024
 ms.topic: how-to
 ms.localizationpriority: medium
 ---
@@ -55,7 +55,7 @@ Along with the recurrence pattern, you also need to determine the start and end
 
 The appointment organizer can specify the recurrence pattern for an appointment series in compose mode only. In the following example, the appointment series is set to occur from 10:30 AM to 11:00 AM PST every Tuesday and Thursday during the period November 2, 2019 to December 2, 2019.
 
-```js
+```javascript
 const seriesTimeObject = new Office.SeriesTime();
 seriesTimeObject.setStartDate(2019,10,2);
 seriesTimeObject.setEndDate(2019,11,2);
@@ -80,9 +80,9 @@ Office.context.mailbox.item.recurrence.setAsync(pattern, (asyncResult) => {
 
 ## Change recurrence as the organizer
 
-In the following example, the appointment organizer gets the `Recurrence` object of an appointment series, then sets a new recurrence duration. This is done in compose mode.
+In the following example, the appointment organizer gets the [Recurrence](/javascript/api/outlook/office.recurrence) object of an appointment series, then sets a new recurrence duration. This is done in compose mode.
 
-```js
+```javascript
 Office.context.mailbox.item.recurrence.getAsync((asyncResult) => {
   const recurrencePattern = asyncResult.value;
   recurrencePattern.seriesTime.setDuration(60);
@@ -101,7 +101,7 @@ Office.context.mailbox.item.recurrence.getAsync((asyncResult) => {
 
 In the following example, the appointment organizer gets the `Recurrence` object of an appointment to determine whether it's a recurring series. This is done in compose mode.
 
-```js
+```javascript
 Office.context.mailbox.item.recurrence.getAsync((asyncResult) => {
     const recurrence = asyncResult.value;
 
@@ -135,7 +135,7 @@ The following example shows the results of the `getAsync` call that retrieves th
 
 In the following example, an appointment attendee gets the `Recurrence` object of an appointment or meeting request.
 
-```js
+```javascript
 outputRecurrence(Office.context.mailbox.item);
 
 function outputRecurrence(item) {
@@ -171,25 +171,53 @@ The following example shows the value of the `item.recurrence` property of an ap
 
 After you've retrieved the recurrence object (either from the `getAsync` callback or from `item.recurrence`), you can get specific properties of the recurrence. For example, get the start and end dates and times of the series by using the [SeriesTime][SeriesTime link] methods on the `recurrence.seriesTime` property.
 
-```js
-// Get series date and time info
+```javascript
+// Get the date and time information of the series.
 const seriesTime = recurrence.seriesTime;
 const startTime = recurrence.seriesTime.getStartTime();
 const endTime = recurrence.seriesTime.getEndTime();
 const startDate = recurrence.seriesTime.getStartDate();
 const endDate = recurrence.seriesTime.getEndDate();
 const duration = recurrence.seriesTime.getDuration();
 
-// Get series time zone
+// Get the series time zone.
 const timeZone = recurrence.recurrenceTimeZone;
 
-// Get recurrence properties
+// Get the recurrence properties.
 const recurrenceProperties = recurrence.recurrenceProperties;
 
-// Get recurrence type
+// Get the recurrence type.
 const recurrenceType = recurrence.recurrenceType;
 ```
 
+## Identify when the recurrence pattern changes
+
+There may be scenarios where you want your add-in to detect and handle changes to the recurrence pattern of a series. For example, you'd like to update the appointment's location if the series is extended. To implement this, you must create a handler for the [RecurrenceChanged](/javascript/api/office/office.eventtype) event. To add an event handler for the `RecurrenceChanged` event, call [Office.context.mailbox.item.addHandlerAsync](/javascript/api/requirement-sets/outlook/preview-requirement-set/office.context.mailbox.item#methods). When a change is detected, the event handler receives an argument of type [Office.RecurrenceChangedEventArgs](/javascript/api/outlook/office.recurrencechangedeventargs), which provides the updated recurrence object.
+
+The following example shows how to register an event handler for the `RecurrenceChanged` event.
+
+```javascript
+// This sample shows how to register an event handler in Outlook.
+Office.onReady(() => {
+    // Register an event handler to identify when the recurrence pattern of a series is updated.
+    Office.context.mailbox.item.addHandlerAsync(Office.EventType.RecurrenceChanged, handleEvent, (asyncResult) => {
+        if (asyncResult.status === Office.AsyncResultStatus.Failed) {
+            console.log(asyncResult.error.message);
+            return;
+        }
+
+        console.log("Event handler added for the RecurrenceChanged event.");
+    });
+});
+
+function handleEvent(event) {
+    // Get the updated recurrence object.
+    const updatedRecurrence = event.recurrence;
+
+    // Perform operations in response to the updated recurrence pattern.
+}
+```
+
 ## Run sample snippets in Script Lab
 
 To test how to get and set the recurrence of an appointment with an add-in, install the [Script Lab for Outlook add-in](https://appsource.microsoft.com/product/office/wa200001603) and run the following sample snippets.
@@ -203,9 +231,8 @@ To learn more about Script Lab, see [Explore Office JavaScript API using Script
 
 ## See also
 
-- [RecurrenceChanged event](/javascript/api/office/office.eventtype)
-- [Recurrence object](/javascript/api/outlook/office.recurrence)
-- [SeriesTime object](/javascript/api/outlook/office.seriestime)
+- [Get or set the time when composing an appointment in Outlook](get-or-set-the-time-of-an-appointment.md)
+- [Get or set the location when composing an appointment in Outlook](get-or-set-the-location-of-an-appointment.md)
 
 [getAsync link]: /javascript/api/outlook/office.recurrence#getAsync_options__callback_
 [item.recurrence link]: /javascript/api/requirement-sets/outlook/preview-requirement-set/office.context.mailbox.item#properties