Microsoft 365 · Extensions & Add-ons
Office 365 and Microsoft 365 are the platform. What the standard doesn't cover, we build on top — clean, supportable, Release-Wave-proof. From SharePoint Framework web part through Teams app to Outlook add-in and Copilot Agent: arades GmbH develops on the official Microsoft extension platforms. 20+ years of practice. No undocumented tricks.
Why extensions instead of workarounds
In every mid-sized company there's a point where the Microsoft 365 standard is no longer enough: SharePoint pages don't look the way you need them. Teams should show data from the CRM. Outlook should show ticket status without anyone switching apps. Power Automate should reach a third party for which no ready-made connector exists. Your users then build workarounds — Excel lists, separate tools, shared mailboxes. With extensions we solve this at the root.
Six extension types
Microsoft has a documented extension platform for every use case. We know them all from production use — and we say honestly which one fits your requirement and which doesn't.
The official extension platform for SharePoint Online — with TypeScript, React, and modern frontend tooling. We develop web parts for Modern Pages, header and footer customizers for tenant or site branding, plus field and list customizers for structured data presentation.
Typical use cases: employee directory from Entra ID, KPI dashboards with Power BI embedding, industry-specific form layouts, on-brand tenant branding.
Standalone Teams apps as tabs, bots, or messaging extensions. Personalized app manifests, SSO via Entra ID, Adaptive Cards for structured content. Multi-tenant publication in AppSource or tenant-only sideloading — both proven in practice.
Typical use cases: CRM records in Teams conversations, approval workflows, onboarding bot, industry-specific search across multiple data sources.
Modern Office add-ins via the Office.js platform — run cross-platform in desktop, web, and mobile apps. Outlook add-ins for read and compose modes, Word add-ins for templates and content generation, Excel add-ins for custom functions and domain-specific analyses.
Typical use cases: show CRM contacts in Outlook, generate contract templates in Word, industry-specific Excel custom functions for calculations.
Microsoft Graph is the unified API gateway to mail, calendars, files, Teams messages, users, and devices. We build server-side integrations (daemon, background worker, ETL) as well as client-side calls from single-page apps. Subscriptions and webhooks for event-based architectures.
Typical use cases: connect external systems to Microsoft 365 data, compliance analyses, onboarding/offboarding automation, reporting on tenant activity.
When Power Automate and Power Apps need to reach an API for which Microsoft does not provide a ready-made connector, we build custom connectors based on OpenAPI/Swagger specifications. Including OAuth flows, policy templates, and multi-tenant delivery.
Typical use cases: industry ERP, older SOAP services, custom backend services, REST APIs from logistics partners, marketplace interfaces.
Custom Copilot Agents via Microsoft Copilot Studio — with SharePoint, Teams, and custom knowledge sources. Embedded as a standalone agent in Microsoft Teams, in Microsoft 365 Copilot Chat, or via Microsoft 365 Copilot extensions directly in the productive workflow.
Typical use cases: knowledge agent on a SharePoint intranet, HR and IT helpdesk agents, industry-specific search assistants, onboarding companion.
Engineering principles
Microsoft publishes a release wave twice a year, plus monthly updates for SharePoint, Teams, and Microsoft Graph. An extension that can't handle that is junk after a year. Four principles we stick to — even when they cost more time up front.
No undocumented SharePoint endpoints, no private Teams backend calls, no DOM manipulation on Microsoft surfaces. Everything via Microsoft Graph, SPFx, Office.js, and the Teams JS SDK.
Minimal permission scope, clear separation of delegated vs. application permissions, documented admin consent. No embedded tokens in code — auth via Entra ID, MSAL, managed identities.
Build pipelines with pinned Node version, SPFx generator version, Teams Toolkit version. Bundle and manifest artifacts in Git, every release traceable.
In the Application Care model we review twice a year, aligned with the release wave, whether Microsoft changes have any impact — and adapt bundle, manifest, or code before it breaks.
How we deliver
When the requirement is cleanly scoped (e.g., "SPFx web part that shows data X from API Y"), we quote a fixed price. Typical range: 2–6 weeks delivery, low to mid four-figure budget.
When requirements still need discovery, or the extension is part of a larger implementation, we work by effort using sprint logic and fixed daily rates.
You already have SPFx web parts, Teams apps, or Outlook add-ins in use — including from other firms. We take over maintenance and evolution in the Application Care model, on a monthly flat rate.
AppSource or tenant-only
An add-on doesn't have to be public. Three models we deliver:
FAQ
We develop on the official Microsoft extension platforms: SharePoint Framework (SPFx) for SharePoint web parts and extensions, Teams apps with tabs, bots, and messaging extensions, Office add-ins via Office.js for Outlook, Word, and Excel, Microsoft Graph-based custom integrations, Power Platform custom connectors, and Copilot Studio Agents. All extensions are Release-Wave-proof and use only documented Microsoft APIs.
A simple SPFx web part or Teams tab is in the low four-figure range — a compact quick-win project. More complex add-ons with their own backend logic, Microsoft Graph calls, and multi-tenant support move into the mid five-figure range. An initial effort estimate comes in the 30-minute initial conversation.
Yes — provided they use only documented Microsoft APIs (Microsoft Graph, SPFx, Office.js, Teams JS SDK). We deliberately avoid undocumented endpoints, DOM manipulation, and private SharePoint page routes. Under a follow-on care model we review twice a year, aligned with the Microsoft release waves, whether adjustments are needed.
Microsoft Graph has been a core toolset for us for many years. We build both delegated-permission flows (user context) and application-permission flows (daemon, background jobs) — including change notifications, subscriptions, webhooks, and batch requests. For sensitive scenarios we use Microsoft Entra ID Conditional Access, app roles, and managed identities.
A Teams app is a standalone application in Microsoft Teams (tabs, bots, messaging extensions). A Copilot Agent is an AI interface built in Microsoft 365 Copilot or Copilot Studio that accesses a knowledge base or API source and replies in natural language. The two can be combined: a Copilot Agent can be rolled out as a Teams app — and a Teams app can embed a Copilot Agent.
Yes — taking over existing solutions is often the entry point. We check code quality, API currency, Microsoft Graph permissions, bundle size, and performance. We then take over maintenance and evolution in the Application Care model — including solutions we did not build ourselves.
Yes — both internal add-ons (tenant-only) and public publications in Microsoft AppSource are possible. For an AppSource publication we guide you through Microsoft certification — security review, performance tests, marketing requirements, and multi-tenant setup.
Free Microsoft 365 trial guidance
arades sets up a test tenant for 3 users, trains your key users, runs weekly office hours — and tells you honestly at the end whether Microsoft 365 is the right fit. Free of charge.
30-min initial conversation
We listen to the requirement and tell you which Microsoft extension platform fits — SPFx, Teams app, Outlook add-in, Graph, Power Platform connector, or Copilot Agent. And whether a fixed price makes sense, or whether the requirement needs sharpening first.
Accompanying services
Engineering projects rarely stand alone — license logic, architecture clarification, quality gates, knowledge transfer, and follow-on operations usually run in parallel. Here are the most common accompanying services we add to Discovery Spikes, sprint fixed-price engagements, or Application Care contracts.
Up front · architecture
Before implementation: tenant structure, data model, security concept, integration mapping. The result is an architecture document any engineering team can pick up — including one other than us.
Read more →
Up front · CSP
Which license bundles for which users, which add-on SKUs are needed, where you are over- or under-licensed. Procured via Microsoft Licensing Partner — with the option to use CSP purely as a control mechanism without margin maximization.
Read more →
During · quality gate
Independent second opinion during a running implementation project — whether we are delivering it or another partner. CMMI-based quality gates, risk reviews, fixed price per gate.
During · adoption
Not the classic two-day workshop that's forgotten after a week — but a dynamic learning program over 4–6 weeks with kickoff training, application phases, and advanced sessions. Training matrix for roles and topics.
Read more →
After · operations
After go-live: a predictable Application Care contract with monthly flat rate, SLA-based. Includes releases, hotfixes, extensions, tenant hardening — and continuous support instead of merely reacting to tickets.
Read more →
After · knowledge
When the original developers are gone, the previous partner is no longer reachable, or the documentation is outdated — reverse engineering of the existing solution with a documented result: code map, data model, customization inventory.
Read more →
