How to notify MS Teams when a new Managed Data Leaks finding is published

This guide allows your engineers to set up a notification in Microsoft Teams when a new Managed Data Leak finding is published.

Written by Steve Cossell

Overview

This article walks you through how to configure UpGuard to send alerts into a Microsoft Teams channel using Microsoft Workflows (Power Automate). These alerts are triggered when a new Managed Data Leak finding is published. You can adapt this method to other alert types if needed

Part 1: Create the Workflow in Microsoft Teams

  1. Log into Microsoft Teams and open the Teams app.
    Screenshot 2025-05-13 at 3.48.33 PM

  2. Click on Apps > Workflows > Manage Workflows.
    Screenshot 2025-05-13 at 3.49.10 PM


  3. Select “Post to a channel when a webhook request is received”.
    Screenshot 2025-05-13 at 3.50.38 PM


  4. Give your workflow a descriptive name.



  5. Choose the Team and Channel where notifications should be posted.Click Create flow.



  6. Copy the generated webhook URL and paste it into a .txt file. Save it for the UpGuard integration step.Click Done to complete the initial flow creation.



Part 2: Edit the Flow Message Format

  1. Return to the Workflows Home tab. Find your newly created flow and hover over the three vertical dots (•••) to open More commands, then click Edit.
  2. Delete the second box in the flow.

  3. Add a new action: "Post message in a chat or channel" directly after the "When a webhook request is received" trigger.

  4. In the "Post message" action:

    • Select the same Team and Channel.
    • In the "Message" field, construct your message using the data from the triggerBody(). For example, to create a message with some of the notification details, you could use something like:


New Notification Received:

ID: @{triggerBody()?['notification']?['id']}

Type: @{triggerBody()?['notification']?['type']}

Description: @{triggerBody()?['notification']?['description']}

Occurred At: @{triggerBody()?['notification']?['occurredAt']}

 

Finding Details:

Finding Name: @{triggerBody()?['notification']?['context']?['FindingName']}

Finding URL: @{triggerBody()?['notification']?['context']?['FindingUrl']}

Finding ID: @{triggerBody()?['notification']?['context']?['FindingId']}

Event: @{triggerBody()?['notification']?['context']?['Event']}



It will looks like this:

Click Save.


Leave this browser tab open—you’ll return here to test in a moment.


Part 3: Set Up the Integration in UpGuard

  1. Log in to your UpGuard account.

  2. Go to Settings > Integrations.

  3. Click New Integration.

  4. Select the trigger: “When a new data leak is published”.

  5. Name the integration.

  6. When prompted for the destination:

    • Paste the webhook URL from your .txt file into the Webhook URL field.

Set HTTP Headers to:

Content-Type: application/json


7. Click through to the Review Payload step and leave all settings as-is.


Part 4: Test the Integration

  1. Return to your Teams Workflows tab and click Test > Test flow = Manually > Test.



  2. In UpGuard, click Send Test Message.



  3. Go back to Teams—your test message should now appear in the channel you selected.



  4. And then go to Teams and check your channel, you should see the new message there


Example Payload Output (in Teams)

New Notification Received:

ID: 12345

Type: Data Leak

Description: Sensitive data detected on public site

Occurred At: 2024-04-25 10:00 UTC

 

Finding Details:

Finding Name: Leaked Database Record

Finding URL: https://platform.upguard.com/...

Finding ID: ABCD1234

Event: NewDataLeakPublished

 

Need help?

If anything in this process isn’t working, or if you’d like to apply this to a different type of notification, please contact UpGuard Support—we’re happy to help!

See also: