Guided Setup of SafeSend Cloud

Marissa Fegan
Marissa Fegan
  • Updated

Written By Marissa Fegan

Updated at May 19th, 2026

Sending an email to the wrong person or attaching a sensitive file by mistake can happen in an instant. VIPRE SafeSend Cloud helps eliminate these common but risky errors, by intelligently prompting users to verify external recipients and attachments, adding a simple but powerful layer of security to your email workflow.

This guided setup applies only to SafeSend Cloud. If you are using any version of SafeSend Self-Hosted, please navigate to the SafeSend Self-Hosted guide instead.

Ready to get started? You're in the right place. This guide will lead you through the deployment process from start to finish. If you'd like to learn more about its features first, we invite you to check out our product overview and comparison chart.

Prerequisites

Before you install SafeSend Cloud add-in for Outlook, please verify that you have all of the required prerequisites listed here.

  • Verify that your organization meets the System Requirements
  • Ensure you have access to your organization's Microsoft tenant with Global Admin or Privileged Role Admin login credentials

Access SafeSend Cloud

SafeSend Cloud is hosted within the VIPRE Symphony portal. If you currently access other VIPRE products via the portal URLs listed below, your account is already configured, and you may skip steps 2 through 4.

  1. Navigate to the appropriate access URL for your region
    1. North America: https://security-na.threatsecure.com
    2. Europe: https://security-eu.threatsecure.com
  2. Click Forgot password? 
  3. Enter the email address you used to subscribe to SafeSend Cloud and follow the prompts to set your password
  4. Upon your first login to the VIPRE Symphony portal, you will be prompted to configure Two-Factor Authentication (2FA); you can complete this setup using either SMS or an Authenticator app

Connect your Microsoft Tenant

  1. When you successfully log in to the SafeSend Cloud web console for the first time, you will see the "Start your account configuration" screen; click the Connect button to begin the integration process
  2. You will be redirected to the Microsoft "Pick an account" page; select the Global Administrator or Privileged Role Administrator account for the tenant you wish to protect
  3. Once signed in to your Microsoft tenant, you will see a list of APIs for which SafeSend is requesting permissions; review the requested list and select Accept

SafeSend Cloud requires a mix of Delegated and Application permissions to manage user identity and interact with email metadata for Data Loss Protection (DLP) scanning. You can preview a detailed list of requested permissions below:

API / Permission Name

Type

Description

Calendars.ReadWrite.Shared

Delegated

Read and write user and shared calendars

email

Delegated

View users' email address

Files.ReadWrite

Delegated

Have full access to user files

Group.Read.All

Delegated

Read all groups

Group.Read.All

Application

Read all groups

Mail.ReadWrite.Shared

Delegated

Read and write user and shared mail

offline_access

Delegated

Maintain access to data you have given it access to

openid

Delegated

Sign users in

profile

Delegated

View users' basic profile

User.Read

Delegated

Sign in and read user profile

User.Read.All

Application

Read all users' full profiles

User.ReadBasic.All

Delegated

Read all users' basic profiles