Updates from: 05/30/2024 04:49:33
Category Microsoft Docs article Related commit history on GitHub Change details
microsoft-365-copilot-privacy Microsoft 365 Copilot Privacy https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/copilot/microsoft-365-copilot-privacy.md
- m365copilot - magic-ai-copilot hideEdit: true Previously updated : 05/21/2024 Last updated : 05/29/2024 # Data, Privacy, and Security for Microsoft Copilot for Microsoft 365
For an overview of how these three components work together, see [Microsoft Copi
> [!IMPORTANT] > - Microsoft Copilot for Microsoft 365 is compliant with our existing privacy, security, and compliance commitments to Microsoft 365 commercial customers, including the General Data Protection Regulation (GDPR) and European Union (EU) Data Boundary. > - Prompts, responses, and data accessed through Microsoft Graph aren't used to train foundation LLMs, including those used by Microsoft Copilot for Microsoft 365.
+> - Microsoft Copilot for Microsoft 365 operates with multiple protections, which include, but are not limited to, [blocking harmful content](#how-does-copilot-block-harmful-content), [detecting protected material](#does-copilot-provide-protected-material-detection), and [blocking prompt injections (jailbreak attacks)](#does-copilot-block-prompt-injections-jailbreak-attacks).
The information in this article is intended to help provide answers to the following questions:
Microsoft Copilot for Microsoft 365 provides value by connecting LLMs to your or
Microsoft Copilot for Microsoft 365 only surfaces organizational data to which individual users have at least view permissions. It's important that you're using the permission models available in Microsoft 365 services, such as SharePoint, to help ensure the right users or groups have the right access to the right content within your organization. This includes permissions you give to users outside your organization through inter-tenant collaboration solutions, such as [shared channels in Microsoft Teams](/microsoftteams/shared-channels).
-When you enter prompts using Microsoft Copilot for Microsoft 365, the information contained within your prompts, the data they retrieve, and the generated responses remain within the Microsoft 365 service boundary, in keeping with our current privacy, security, and compliance commitments. Microsoft Copilot for Microsoft 365 uses Azure OpenAI services for processing, not OpenAIΓÇÖs publicly available services. Azure Open AI doesn't cache customer content and Copilot modified prompts for Copilot for Microsoft 365.
+When you enter prompts using Microsoft Copilot for Microsoft 365, the information contained within your prompts, the data they retrieve, and the generated responses remain within the Microsoft 365 service boundary, in keeping with our current privacy, security, and compliance commitments. Microsoft Copilot for Microsoft 365 uses Azure OpenAI services for processing, not OpenAIΓÇÖs publicly available services. Azure OpenAI doesn't cache customer content and Copilot modified prompts for Copilot for Microsoft 365.
> [!NOTE] > When using Microsoft Copilot for Microsoft 365, your organizationΓÇÖs data might leave the Microsoft 365 service boundary under the following circumstances:
Hate and fairness-related harms refer to any content that uses pejorative or dis
[Learn more about Azure OpenAI content filtering](/azure/ai-services/openai/concepts/content-filter?tabs=warning%2Cpython#harm-categories).
+### Does Copilot provide protected material detection?
+
+Yes, Copilot for Microsoft 365 provides detection for protected materials, which includes text subject to copyright and code subject to licensing restrictions. Not all of these mitigations are relevant for all Copilot for Microsoft 365 scenarios.
+ ### Does Copilot block prompt injections (jailbreak attacks)? [Jailbreak attacks](/azure/ai-services/openai/whats-new#responsible-ai) are user prompts that are designed to provoke the generative AI model into behaving in ways it was trained not to or breaking the rules it's been told to follow. Microsoft Copilot for Microsoft 365 is designed to protect against prompt injection attacks. [Learn more about jailbreak attacks and how to use Azure AI Content Safety to detect them](/azure/ai-services/content-safety/concepts/jailbreak-detection).
Hate and fairness-related harms refer to any content that uses pejorative or dis
As AI is poised to transform our lives, we must collectively define new rules, norms, and practices for the use and impact of this technology. Microsoft has been on a Responsible AI journey since 2017, when we defined our principles and approach to ensuring this technology is used in a way that is driven by ethical principles that put people first.
-At Microsoft, we're guided by our [AI principles](https://www.microsoft.com/ai/our-approach), our [Responsible AI Standard](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5cmFl), and decades of research on AI, grounding, and privacy-preserving machine learning. A multidisciplinary team of researchers, engineers and policy experts reviews our AI systems for potential harms and mitigations ΓÇö refining training data, filtering to limit harmful content, query- and result-blocking sensitive topics, and applying Microsoft technologies like [InterpretML](https://www.microsoft.com/research/uploads/prod/2020/05/InterpretML-Whitepaper.pdf) and [Fairlearn](https://fairlearn.org/) to help detect and correct data bias. We make it clear how the system makes decisions by noting limitations, linking to sources, and prompting users to review, fact-check, and adjust content based on subject-matter expertise. For more information, see [Governing AI: A Blueprint for the Future](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RW14Gtw).
+At Microsoft, we're guided by our [AI principles](https://www.microsoft.com/ai/our-approach), our [Responsible AI Standard](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5cmFl), and decades of research on AI, grounding, and privacy-preserving machine learning. A multidisciplinary team of researchers, engineers, and policy experts reviews our AI systems for potential harms and mitigations ΓÇö refining training data, filtering to limit harmful content, query- and result-blocking sensitive topics, and applying Microsoft technologies like [InterpretML](https://www.microsoft.com/research/uploads/prod/2020/05/InterpretML-Whitepaper.pdf) and [Fairlearn](https://fairlearn.org/) to help detect and correct data bias. We make it clear how the system makes decisions by noting limitations, linking to sources, and prompting users to review, fact-check, and adjust content based on subject-matter expertise. For more information, see [Governing AI: A Blueprint for the Future](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RW14Gtw).
We aim to help our customers use our AI products responsibly, sharing our learnings, and building trust-based partnerships. For these new services, we want to provide our customers with information about the intended uses, capabilities, and limitations of our AI platform service, so they have the knowledge necessary to make responsible deployment choices. We also share resources and templates with developers inside organizations and with independent software vendors (ISVs), to help them build effective, safe, and transparent AI solutions.
admin Change A User Name And Email Address https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/add-users/change-a-user-name-and-email-address.md
f1.keywords:
Previously updated : 06/14/2023 Last updated : 05/29/2024 audience: Admin
- M365-subscription-management - Adm_O365 - Adm_TOC
+- must-keep
- TRN_M365B - OKR_SMB_Videos
description: "Learn how a Microsoft 365 global admin can change a user's email a
Check out [Microsoft 365 small business help](https://go.microsoft.com/fwlink/?linkid=2197659) on YouTube.
-You may need to change someone's email address and display name if, for example, they get married and their last name changes.
+You might need to change someone's email address and display name if, for example, they get married and their last name changes.
> [!TIP] > If you need help with the steps in this topic, consider [working with a Microsoft small business specialist](https://go.microsoft.com/fwlink/?linkid=2186871). With Business Assist, you and your employees get around-the-clock access to small business specialists as you grow your business, from onboarding to everyday use.
Check out this video and others on our [YouTube channel](https://go.microsoft.co
1. In the Microsoft 365 admin center, select **Users** > <a href="https://go.microsoft.com/fwlink/p/?linkid=834822" target="_blank">**Active users**</a>. 1. Select the user from the list of active users.
-1. Select **Manage contact information**.
-1. Change the display name, and select **Save changes**.
+1. Select **Manage username and email**.
+1. Select the edit icon next to the username you want to change.
+1. Change the display name, and select **Done**.
If you found this video helpful, check out the [complete training series for small businesses and those new to Microsoft 365](../../business-video/index.yml).
You must be a [global admin](about-admin-roles.md) to complete these steps.
::: moniker-end
-1. Select the user's name, and then on the **Account** tab select **Manage username**.
+1. Select the user's name, and then on the **Account** tab select **Manage username and email**.
1. In the first box, type the first part of the new email address. If you added your own domain to Microsoft 365, choose the domain for the new email alias by using the drop-down list. [Learn how to add a domain](../setup/add-domain.md).
-1. Select **Save changes**.
+1. Select **Done**.
> [!IMPORTANT] > If you get an error message, see [Resolve error messages](#resolve-error-messages).
For more information on adding an email alias, see [Add another email alias for
::: moniker-end
-2. Select the user's name, and then on the **Account** tab select **Manage email aliases**.
+1. Select the user's name, and then on the **Account** tab select **Manage username and email**.
+
+1. If you're adding a new email address, under **Aliases**, in the blank box, type the first part of the new email address. If you added your own domain to Microsoft 365, choose the domain for the new email alias by using the drop-down list.
-3. Select **Set as Primary** for the email address that you want to set as the primary email address for that person.
+1. Under **Aliases**, select the ellipses (...) next to the desired alias and then select **Change to primary email** for the email address that you want to set as the primary email address for that person.
> [!IMPORTANT]
- > You won't see this option to Set as Primary if you purchased Microsoft 365 from GoDaddy or another Partner service that provides a management console. Instead, sign in to the GoDaddy / partner's management console to set the primary alias.
+ > You won't see this option to **Change to primary email** if you purchased Microsoft 365 from GoDaddy or another Partner service that provides a management console. Instead, sign in to the GoDaddy / partner's management console to set the primary alias.
> > Also, you'll only see this option if you're a global admin. If you don't see the option, you don't have permissions to change a user's name and primary email address.
-4. You'll see a warning that you're about to change the person's sign-in information. Select **Save changes**, then **Close**.
+1. You'll see a warning that you're about to change the person's sign-in information. Select **Save changes**, then **Close**.
-5. Give the person the following information:
+1. Give the person the following information:
- This change could take a while. - Their new username. They'll need it to sign in to Microsoft 365.
- - If they are using Skype for Business Online, they must reschedule any Skype for Business Online meetings that they organized, and tell their external contacts to update their contact information.
+ - If they're using Skype for Business Online, they must reschedule any Skype for Business Online meetings that they organized, and tell their external contacts to update their contact information.
- - If they are using OneDrive, the URL to this location has changed. If they have OneNote notebooks in their OneDrive, they might need to close and reopen them in OneNote. If they have shared files from their OneDrive, the links to the files might not work and the user can reshare.
+ - If they're using OneDrive, the URL to this location has changed. If they have OneNote notebooks in their OneDrive, they might need to close and reopen them in OneNote. If they have shared files from their OneDrive, the links to the files might not work and the user can reshare.
- - If their password changed too, they are prompted to enter the new password on their mobile device, or it won't sync.
+ - If their password changed too, they're prompted to enter the new password on their mobile device, or it won't sync.
A person's previous primary email address is retained as an additional email address. **We strongly recommend that you don't remove the old email address.**
-Some people might continue to send email to the person's old email address and deleting it may result in NDR failures. Microsoft automatically routes it to the new one. Also, do not reuse old SMTP email addresses and apply them to new accounts. This can also cause NDR failures or delivery to an unintended mailbox.
+Some people might continue to send email to the person's old email address and deleting it might result in NDR failures. Microsoft automatically routes it to the new one. Also, don't reuse old SMTP email addresses and apply them to new accounts. This can also cause NDR failures or delivery to an unintended mailbox.
## Resolve error messages
If you get the error message " **We're sorry, the user couldn't be edited. Revie
### What if the person's offline address book won't sync with the Global Address List?
-If they are using Exchange Online or if their account is linked with your organization's on-premises Exchange environment, you might see this error when you try to change a username and email address: "This user is synchronized with your local Active Directory. Some details can be edited only through your local Active Directory."
+If they're using Exchange Online or if their account is linked with your organization's on-premises Exchange environment, you might see this error when you try to change a username and email address: "This user is synchronized with your local Active Directory. Some details can be edited only through your local Active Directory."
-This is due to the Microsoft Online Email Routing Address (MOERA). The MOERA is constructed from the person's _userPrincipalName_ attribute in Active Directory and is automatically assigned to the cloud account during the initial sync and once created, it cannot be modified or removed in Microsoft 365. You can subsequently change the username in the Active Directory, but it doesn't change the MOERA and you may run into issues displaying the newly changed name in the Global Address List.
+This is due to the Microsoft Online Email Routing Address (MOERA). The MOERA is constructed from the person's _userPrincipalName_ attribute in Active Directory and is automatically assigned to the cloud account during the initial sync and once created, it can't be modified or removed in Microsoft 365. You can subsequently change the username in the Active Directory, but it doesn't change the MOERA and you might run into issues displaying the newly changed name in the Global Address List.
-To fix this, log in to the [Microsoft Graph Powershell](/powershell/microsoftgraph/overview) with your Microsoft 365 administrator credentials and use the following syntax:
+To fix this, sign in to the [Microsoft Graph PowerShell](/powershell/microsoftgraph/overview) with your Microsoft 365 administrator credentials and use the following syntax:
```powershell Update-MgUser -UserId anne.wallace@contoso.com -UserPrincipalName anne.jones@contoso.com
admin Configure Email Forwarding https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/email/configure-email-forwarding.md
f1.keywords:
Previously updated : 06/14/2023 Last updated : 05/28/2024 audience: Admin
- M365-subscription-management - Adm_O365 - Adm_TOC
+- must-keep
- MSStore_Link - AdminSurgePortfolio
Before you set up email forwarding, note the following:
- Once you set up email forwarding, only **new** emails sent to the **from** mailbox will be forwarded. -- Email forwarding requires that the *from* account has a license unless it is a shared mailbox. If you're setting up email forwarding because the user has left your organization, another option is to [convert their mailbox to a shared mailbox](convert-user-mailbox-to-shared-mailbox.md). This way several people can access it. However, a shared mailbox cannot exceed 50 GB.
+- Email forwarding requires that the *from* account has a license unless it's a shared mailbox. If you're setting up email forwarding because the user has left your organization, another option is to [convert their mailbox to a shared mailbox](convert-user-mailbox-to-shared-mailbox.md). This way several people can access it. However, a shared mailbox can't exceed 50 GB.
-- You must be an Exchange administrator or Global administrator in Microsoft 365 to do these steps. For more information, see the topic [About admin roles](../add-users/about-admin-roles.md).
+- You must be an Exchange administrator or Global administrator in Microsoft 365 to do these steps. For more information, see the article [About admin roles](../add-users/about-admin-roles.md).
## Configure email forwarding
admin Set Password Expiration Policy https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/set-password-expiration-policy.md
f1.keywords:
Previously updated : 06/26/2023 Last updated : 05/29/2024 audience: Admin
- M365-subscription-management - Adm_O365 - Adm_TOC
+- must-keep
- VSBFY23 - AdminSurgePortfolio
This article is for people who set password expiration policy for a business, sc
As the admin, you can make user passwords expire after a certain number of days, or set passwords to never expire. **By default, passwords are set to never expire for your organization**.
-Current research strongly indicates that mandated password changes do more harm than good. They drive users to choose weaker passwords, re-use passwords, or update old passwords in ways that are easily guessed by hackers. We recommend enabling [multi-factor authentication](../security-and-compliance/set-up-multi-factor-authentication.md). To learn more about password policy, check out [Password policy recommendations](../misc/password-policy-recommendations.md).
+Current research strongly indicates that mandated password changes do more harm than good. They drive users to choose weaker passwords, reuse passwords, or update old passwords in ways that are easily guessed by hackers. We recommend enabling [multi-factor authentication](../security-and-compliance/set-up-multi-factor-authentication.md). To learn more about password policy, check out [Password policy recommendations](../misc/password-policy-recommendations.md).
## Before you begin
You must be a [global admin](../add-users/about-admin-roles.md) to perform these
Follow the steps below if you want to set user passwords to expire after a specific amount of time.
-1. In the Microsoft 365 admin center, go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2072756" target="_blank">**Org Settings** tab</a>.
+1. In the Microsoft 365 admin center, go to the <a href="https://go.microsoft.com/fwlink/p/?linkid=2072756" target="_blank">**Org Settings** page</a>.
If you aren't a global admin or security admin, you won't see this page.
-2. On the **Password expiration policy** page, uncheck the box to change the password policy.
+2. In the **Security and Privacy** tab, on the **Password expiration policy** page, uncheck the box to change the password policy.
3. Type how often passwords should expire. Choose a number of days from **14 to 730** and select **Save**.
Password policies you choose is set for each managed domain in your organization
## Synchronize user passwords hashes from an on-premises Active Directory to Microsoft Entra ID (Microsoft 365)
-This article is for setting the expiration policy for cloud-only users (Microsoft Entra ID). It doesn't apply to hybrid identity users who use password hash sync, pass-through authentication, or on-premises federation like ADFS.
+This article is for setting the expiration policy for cloud-only users (Microsoft Entra ID). It doesn't apply to hybrid identity users who use password hash sync, pass-through authentication, or on-premises federation like Active Directory Federation Services (ADFS).
To learn how to synchronize user password hashes from on premises AD to Microsoft Entra ID, see [Implement password hash synchronization with Microsoft Entra Connect Sync](/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization).
admin Password Policy Recommendations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/password-policy-recommendations.md
f1.keywords:
Previously updated : 06/15/2023 Last updated : 05/28/2024 audience: Admin
- highpri - Adm_O365 - Adm_NonTOC
+- must-keep
- VSBFY23 - AdminSurgePortfolio
admin Install Applications https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/setup/install-applications.md
f1.keywords:
Previously updated : 06/21/2023 Last updated : 05/28/2024 audience: Admin
- M365-subscription-management - Adm_O365 - Adm_TOC
+- must-keep
search.appverid: - MET150 - MOE150
Now that you've set up Microsoft 365, you can install individual Microsoft 365 a
Microsoft 365 apps can be found on your **Start** menu. If you don't see them, you can install them yourself. 1. Go to microsoft365.com. You might need to sign in with your work account.
-2. Select **Install apps**, then select **Microsoft 365 apps**.
-1. Open the file that is downloaded to your **Downloads** folder.
+1. Select **Install and more**, then select **Install Microsoft 365 apps**.
+1. Open the file that is downloaded to your **Downloads** folder.
1. On the **Do you want to allow this app to make changes to your device** page, select **Yes** to begin installation. 1. The Microsoft 365 apps are installed. The process may take several minutes. When it completes, select **Close**.
enterprise Advanced Data Residency https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/advanced-data-residency.md
Last updated 02/29/2024 audience: ITPro-+
enterprise Cross Tenant Mailbox Migration https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/cross-tenant-mailbox-migration.md
Yes. However, we only keep the store permissions as described in this article:
### Do you have any recommendations for batches?
-Don't exceed 2,000 mailboxes per batch. We strongly recommend submitting batches two weeks prior to the cut-over date as there's no impact on the end users during synchronization. If you need guidance for mailboxes quantities over 50,000, you can reach out to the Engineering Feedback Distribution List at crosstenantmigrationpreview@service.microsoft.com.
+Don't exceed 2,000 mailboxes per batch. We strongly recommend submitting batches two weeks prior to the cut-over date as there's no impact on the end users during synchronization. If you need guidance for mailboxes quantities over 50,000, you can reach out to your CSAM or open a support request.
### What if I use Service encryption with Microsoft Purview Customer Key?
enterprise Microsoft 365 Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-overview.md
Last updated 03/18/2024 audience: ITPro-+ ms.localizationpriority: high
frontline Shifts For Teams Landing Page https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/shifts-for-teams-landing-page.md
Title: Shifts for frontline workers
-description: Get the admin guidance you need to set up and manage Shifts, the schedule management tool, in Microsoft Teams.
+ Title: Shifts for your frontline organization
+description: Get the admin guidance you need to deploy and manage Shifts, the schedule management tool, in Microsoft Teams.
appliesto:
- Microsoft Teams - Microsoft 365 for frontline workers Previously updated : 03/15/2024 Last updated : 05/29/2024
-# Shifts for frontline workers
+# Shifts for your frontline organization
-Shifts, the schedule management tool in Teams, keeps your frontline workforce connected and in sync. It's built mobile first for fast and effective schedule management and communications. With Shifts, frontline managers and workers can seamlessly manage schedules and keep in touch.
-
-Managers can create, update, and manage shift schedules for their teams. They can assign shifts, add open shifts, and approve schedule requests from employees. Workers can view their own and their team's schedules, set their availability, request to swap or offer a shift, request time off, and clock in and out.
+Shifts, the schedule management tool in Microsoft Teams, keeps your frontline workforce connected and in sync. It's built mobile first for fast and effective schedule management and communications across your frontline teams. With Shifts and Teams, frontline managers and workers can seamlessly manage schedules, communicate, and collaborate.
> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE42FjP]
-Use the following resources to help you set up and manage Shifts in your organization.
+Depending on your business needs, your organization can use Shifts as a standalone app or connect it to your workforce management (WFM) system. You can also use other Microsoft services and products to extend the capabilities of Shifts.
+
+## Considerations before you deploy Shifts
+
+As previously mentioned, your organization can opt to use Shifts as a standalone app or connect it to your WFM system. Connect Shifts to your WFM system if you want to:
+
+- Know about the changes made to data through Shifts.
+- Enforce the business rules and logic your organization configured in your WFM system before changes to data made by your frontline are saved to Shifts.
+- Keep data in Shifts and in your WFM system in sync.
+
+Here are options for integrating Shifts with external WFM systems.
+
+|Workforce management system |Solution |Things to consider |
+||||
+|UKG Pro Workforce Management |[Teams Shifts connector for UKG Pro Workforce Management](shifts-connectors.md#microsoft-teams-shifts-connector-for-ukg-pro-workforce-management)<br/> (Hosted and managed by Microsoft)|Shifts doesn't support every configuration and capability of your WFM system. Learn more about [Shifts capabilities](#shifts-capabilities) when using Microsoft managed connectors.|
+|Blue Yonder Workforce Management version 2020.3, 2021.1, or 2021.2 |[Teams Shifts connector for Blue Yonder](shifts-connectors.md#microsoft-teams-shifts-connector-for-blue-yonder) <br/>(Hosted and managed by Microsoft)|Shifts doesn't support every configuration and capability of your WFM system. Learn more about [Shifts capabilities](#shifts-capabilities) when using Microsoft managed connectors.|
+|Reflexis Workforce Management version 4.3.2, 4.4, or 4.5|[Reflexis Shifts connector for Microsoft Teams](shifts-connectors.md#reflexis-shifts-connector-for-microsoft-teams) <br/> (Hosted and managed by Zebra)|Shifts doesn't support every configuration and capability of your WFM system. [Learn more](shifts-connectors.md#reflexis-shifts-connector-for-microsoft-teams).|
+|Any other WFM system|[workforceIntegration Graph API](/graph/api/resources/workforceintegration?view=graph-rest-1.0)|<ul><li>Your workforce integration can prevent invalid data from being written to Shifts.</li><li>The workforce integration service you build must be highly available and resilient:</li><ul><li>If the service is slow, it affects the user experience in Shifts.</li><li>If the service is unavailable, users can't make changes in Shifts.</li></ul></ul>|
+
+## Deployment overview
+
+HereΓÇÖs a quick overview for deploying Shifts in your organization.
+
+1. **Create teams for your frontline locations**. You can choose to create your teams using the [deploy frontline dynamic teams at scale](deploy-dynamic-teams-at-scale.md) experience in the Teams admin center.
+
+ To learn more, see [How to find the best frontline team solution for your organization](frontline-team-options.md).
+
+1. **Define Shifts capabilities for your frontline**.
+
+ If you created your teams through the deploy frontline dynamic teams at scale experience, you can choose to [deploy Shifts to your frontline teams at scale](deploy-shifts-at-scale.md) in the Teams admin center. By doing so, you can standardize Shifts settings across all your frontline teams and manage them centrally. You select which capabilities to turn on or off and create schedule groups and time-off reasons that are set uniformly across all your frontline teams.
+
+ Alternatively, you can use the [Create or replace schedule](/graph/api/team-put-schedule?view=graph-rest-1.0&tabs=http) Graph API to define Shifts settings for your frontline teams and the [shiftsRoleDefinition](/graph/api/resources/shiftsroledefinition?view=graph-rest-beta) Graph API to [manage permissions to Shifts capabilities for your frontline managers](manage-shifts-permissions-frontline-managers.md).
+
+> [!NOTE]
+> Optionally, [set up a frontline operational hierarchy](deploy-frontline-operational-hierarchy.md) to map your organizationΓÇÖs structure of frontline teams and locations to a hierarchy in the Teams admin center. Creating a frontline operational hierarchy will enable location scenarios and other capabilities for your frontline.
+
+## Shifts capabilities
+
+HereΓÇÖs an overview of what frontline managers and workers can do in Shifts.
-## Set up and manage Shifts
+|Frontline manager capabilities |Standalone |Microsoft managed Shifts connector|
+||||
+|Create a schedule for their team. <br/>Supported methods:<ul><li>Manually create shifts and time off one by one.</li><li>Bulk creation of shifts and time off through Excel import and copy/paste.</li></ul> | Yes | Not available in Shifts.<sup>1</sup> |
+|Create open shifts for team members to request. <br/>Supported methods:<ul><li>Manually create shifts and time off one by one.</li><li>Bulk creation of shifts and time off through Excel import and copy/paste.</li></ul> | Yes | Not available in Shifts.<sup>1</sup> |
+|Update and delete shifts, time off, and open shifts.<br/>Only manual one by one changes are supported.| Yes | Not available in Shifts.<sup>1</sup> |
+|Manage Shifts settings for the team. | Yes<sup>2</sup>| No<sup>3</sup>|
+|Create schedule groups to organize workers based on common characteristics within a team. For example, department or job type. | Yes | No<sup>4</sup>|
+|Retrieve time sheet reports. | Yes | Yes |
+|Retrieve the totals for hours worked and time off. | Yes | Yes |
+|Manage requests from workers. | Yes | Yes |
+
+<sup>1</sup>Creating, updating, and deleting shifts, time off, and open shifts are actions that frontline managers must do in the WFM system. The data is automatically synced to Shifts through the Shifts connector.<br/>
+<sup>2</sup>Depends on how your organization deployed Shifts. This might not be available for the frontline managers to manage locally.<br/>
+<sup>3</sup>Automatically configured when you set up the connection between your WFM system and the Shifts connector. No action is needed by frontline managers.<br/>
+<sup>4</sup>Automatically created based on the configuration of your WFM system.
+
+|Frontline worker capabilities |Standalone |Microsoft managed Shifts connector|
+||||
+|View their own and their team's schedule. | Yes | Yes |
+|View open shifts available in their schedule groups. | Yes | Yes |
+|Create open shift requests for manager's approval. Currently only available from within the teams the worker is a member of.| Yes | Yes<sup>1</sup>|
+|Create time-off requests for manager's approval. Currently, after the request is approved, the time off applies only to the team in which the worker requested it.| Yes | Yes<sup>1</sup>|
+|Create a request to swap a shift with a coworker on the same team. | Yes | Yes<sup>1</sup>|
+|Create a request to offer a shift to a coworker on the same team.| Yes | Yes<sup>1</sup>|
+|Clock in and out of shifts and breaks.| Yes | Yes<sup>1</sup><sup>,</sup><sup>2</sup>|
+|Edit timecard entries for clock in/out and breaks on mobile. | Yes | Yes |
+
+<sup>1</sup>Validations are made to ensure rules and business logic from your WFM system are applied.<br/>
+<sup>2</sup>Breaks aren't supported in the Teams Shifts connector for UKG Pro Workforce Management.
+
+## Extend Shifts capabilities
+
+Use the following resources to extend Shifts capabilities for your frontline workforce.
+
+|Resource |Example scenario |Target apps |
+||||
+|[shift Graph API](/graph/api/resources/shift?view=graph-rest-1.0)|Your organization wants to create reports based on Shifts scheduling data. |Apps that want to read/write Shifts data.|
+|[Graph API change notifications](/graph/api/resources/change-notifications-api-overview?view=graph-rest-1.0)|Your organization doesn't require frontline managers' approval for open shift requests. You can use Shifts webhooks notifications to trigger the approval automation process for open shift requests.|Apps that read Shifts data and want to be notified about changes made in Shifts. Additionally, these apps arenΓÇÖt data owners and donΓÇÖt have additional validation to run. |
+|[Shifts + Power Automate](https://make.powerautomate.com/connectors/shared_shifts/shifts-for-microsoft-teams/)|Your organization wants to take information from Shifts and create custom workflows with other apps and services. For example, create a flow to automatically approve swap shift requests and receive email notifications.|[Learn more](/connectors/shifts).|
+
+## Shifts resources
|&nbsp; |&nbsp; | |||
Use the following resources to help you set up and manage Shifts in your organiz
|:::image type="icon" source="/office/media/icons/administrator-teams.png":::|**[Manage Shifts](/microsoftteams/expand-teams-across-your-org/shifts/manage-the-shifts-app-for-your-organization-in-teams?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json)** Get an overview of how to manage Shifts for your organization. Learn how to control access to Shifts, pin Shifts to the Teams app bar for easy access, enable shift-based tags, and more. | |:::image type="icon" source="/office/medi)** Learn how to use team owner and team member roles in Teams and the schedule owner role in Shifts to define your frontline managers and workers in Shifts. | |:::image type="icon" source="/office/medi)** Learn how to control the Shifts capabilities that are available to frontline managers for managing their team schedules, such as the Shifts settings that they can configure and whether they can create and manage schedule groups. |
-|:::image type="icon" source="/office/media/icons/help.png":::| **[Shifts data FAQ](/microsoftteams/expand-teams-across-your-org/shifts/shifts-data-faq?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json)** Learn where Shifts data is stored and other topics related to Shifts data, including retention, retrieval, and encryption.|
-
-## Shifts connectors
-
-If you're using a third-party workforce management (WFM) system for scheduling, you can integrate directly with Shifts through managed Shifts connectors. After you set up a connection, your frontline workers can seamlessly view and manage their schedules in your WFM system from within Shifts.
-
-|&nbsp; |&nbsp; |
-|||
-|:::image type="icon" source="/office/medi)** Get an overview of Shifts connectors and how they work. Learn about the managed connectors that are available and the supported WFM systems. |
-|:::image type="icon" source="/office/medi).</li></ul> |
+|:::image type="icon" source="/office/media/icons/help.png":::| **[Shifts data FAQ](/microsoftteams/expand-teams-across-your-org/shifts/shifts-data-faq?bc=/microsoft-365/frontline/breadcrumb/toc.json&toc=/microsoft-365/frontline/toc.json)** Learn where Shifts data is stored and other information related to Shifts data, including retention, retrieval, and encryption.|
+|:::image type="icon" source="/office/medi)** Get an overview of Shifts connectors and how they work. Learn about the managed connectors that are available and the supported WFM systems. |
|:::image type="icon" source="/office/medi).</li></ul>|
+|:::image type="icon" source="/office/medi).</li></ul> |
|:::image type="icon" source="/office/medi#reflexis-shifts-connector-for-microsoft-teams)** Learn about integrating Shifts with the Reflexis WFM system through the connector.|
-## Shifts extensions
-
-|&nbsp;|&nbsp;|
-| - | - |
-|:::image type="icon" source="/office/media/icons/api-teams.png":::| **[Shift Graph APIs](/graph/api/resources/shift)** Shifts Graph APIs allow you to integrate Shifts data with external WFM systems. You have the flexibility to build custom Shifts experiences in the back end, while giving users a rich, front-end experience in Teams. |
-|:::image type="icon" source="/office/media/icons/process-flow-teams.png":::| **[Shifts + Power Automate](https://github.com/OfficeDev/Microsoft-Teams-Shifts-Power-Automate-Templates)** Shifts + Power Automate lets you take info from Shifts and create custom workflows with other apps and perform operations at scale. Automate key processes with little to no code. The triggers and templates support various scenarios such as enabling auto-approvals for shift requests when a managerΓÇÖs approval isn't needed. |
-
-## Featured training
+## Training for end-users
-|&nbsp;|&nbsp;|&nbsp;|&nbsp;|&nbsp;|&nbsp;|
+|&nbsp; |&nbsp; |&nbsp; |&nbsp; |&nbsp; |&nbsp; |
| - | - | - | - | - | - | |:::image type="icon" source="/office/media/icons/get-started-teams.png"::: | [Video: What is Shifts?](https://support.office.com/article/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) |:::image type="icon" source="/office/media/icons/calendar.png"::: | [Video: Create a shifts schedule](https://support.microsoft.com/office/create-a-shifts-schedule-2b94ca38-36db-4a1c-8fee-f8f0fec9a984) |:::image type="icon" source="/office/media/icons/blocks-teams.png":::| [Video: Manage a Shifts schedule](https://support.microsoft.com/office/manage-and-view-a-shifts-schedule-63acda7b-ea39-441a-b1c6-c404a72e79f7) |