Microsoft 365 Message Center

Cloud services bring a lot to the table, and I do mean a lot, which for some organizations can be challenging as one very important notion to keep in mind is that cloud is always changing. Microsoft 365 is no exception to this as Microsoft constantly releases updates, new features, UI enhancements, and more on what seems like a daily basis.

So how is an organization supposed to keep up? Great question; Microsoft has a few options for you to be honest.

Message center is what this post is going to focus on as, in my opinion, it’s the best way to see what is happening in the world of M365, in your tenant, and what’s to come (prepare!). A lot of my customers in the past have made statements like “Microsoft just released this new app without me knowing!” or “I had no idea Skype for Business was going away!?” which if they had paid attention to the message center they would have known for sure.

Not to say the message center is in your face and obvious but it is something that all M365/O365 admins should be aware of. So what is this post about? Well we are going to talk about the native message center capabilities to keep you and your staff informed, what the mobile admin center app can do to help keep you informed, and what you could do with Power Automate to customize your notifications. Ready? Let’s go!

What is the message center?

The message center is a native and integrated way of seeing upcoming changes like new and upcoming features, planned maintenance, and other important announcements from Microsoft. This is a great place to go and see what might be coming or changing in the next 3 to 6 months so that you can begin to plan your change management, update training material, or be ready to enable/disable a feature.

Each message center post comes with a high level overview of the planned change and how it might affect your tenant and users along with any relevant links to help you prepare. Pretty important stuff to keep an eye on right? I think so to.

Who can view message center notifications?

By default most admin level roles in Microsoft 365 have access to the message center. In organizations where they want help desk level staff to monitor service health, which is a great idea since they talk directly to your end users the most anyways, you can provide them the role of Message Center Privacy Reader or the Message Center Reader role (or both). This is assuming your help desk staff aren’t already assigned the Helpdesk Admin role.

  • Message Center Privacy Reader Role
    • Access to data privacy messages in Message center, gets email notifications.
  • Message Center Ready Role
    • Reads and shares regular messages in Message center, gets weekly email digests, has read-only access to users, groups, domains, and subscriptions

Resource: All Admin Roles in Microsoft 365

How do I see this message center?

I want to start off with that this post and any screen shots you see are using the new admin center experience; if yours does not look the same please enable the new experience now (it’s worth it). Need to turn it on? Toggle the switch in the upper right hand corner in your admin center.

Once in the admin center on the left hand navigation menu expand it by selecting show all , expand Health, then select Message center (direct link here). You’ll be presented with all active messages for your Microsoft 365 tenant and service.

What can I do from here?

Now that you know what it is, who can access it, and where it lives let’s talk about how to use it. Now I know what you are thinking “Nick I just read messages and stuff right?” Well yes, yes you do; but to get the full value I highly recommend you make some preference choices depending on you and your organization has divided up responsibilities.

Customize your native experience

The message center allows us to make some changes to what we see and even sign up for a summary email! For starters let’s assume your organization has an all up global admin, an exchange admin, a teams admin, and a data privacy admin. The global admin most likely will want to see any and all alerts but the exchange admin may only care about seeing things specific to exchange.

To do this let’s adjust the preferences in the message center:

While in the message center click on Preferences just above the list of notifications.

You will see a list of services that are all checked by default; if you are a service level admin you might want to focus this down to your specific service such as exchange and other services related.

Once you have selected your services to focus on you can click save at this point. Changes can take up to 8 hours to reflect in your message center. But before you save and leave let’s look at the email preferences!

Email Summary

The message center also sends out a summary email weekly to any admin in the tenant. This is on by default and I highly recommend leaving it on. But if needed you can disable the weekly summary which if you plan to use Power Automate to customize this beyond what you can do natively would be recommended.

As you can see you will receive a weekly email digest, emails for any major updates to M365, and an email for data privacy messages.

Note that at the bottom you can select Other e-mail addresses. This is where you can have the weekly digest and other emails go to another user, or two (two max) or you can use a distribution list. This is great if you want to inform a broader team of what’s to come without giving them access to the message center at all. Remember though that other admins are able to control their experience so try not to use a DL that includes other admins as they may have turned off emails for a reason.

Any changes you make here though affects only your message center experience which is awesome!

Let’s read some messages

Now that we have our message center set up just how we like it we can begin interacting with the notifications. To help you focus quickly the message center has four “views” that help to scope the list down a bit.

High importance quickly filters your list down to major updates. Major updates are communicated at least 30 days in advance when an action is required. Major updates are defined as:

  • Changes to daily productivity
  • Changes to themes, web parts, and other components that may affect customized features
  • Increases or decreases to visible capacity such as storage, number of rules, items, or duration’s
  • Changes to product branding that may:
    • Cause end user confusion
    • Result in changes to help desk processes and/or reference material
    • Change to a URL
  • A new service or application
  • Changes requiring an admin action (exclusive of prevent or fix issues)
  • Changes to where your data is stored

Unread messages are exactly that, unread messages in the list (bold items). Archived messages are notifications that you may have already read but archived to reference at a later point.

Moving on to the list itself, we can filter this down a bit more by selecting the Filter option in the upper right hand corner of the list. Once we have the view we need/want we can begin reading some notifications!

As you can see I have my list view set to high importance which at the top of the list at the time of writing this post is in regards to preparing for COVID-19.

Just as mentioned before the message is broken down in to various sections which each have their own purpose. (The entire message is not shown to the left) We can see the over view, any impact to the system/services, and actions that you as an admin can take along with external links to help provide additional guidance.

You’ll also see that along the top just under the message ID and published date are some icons. These icons from left to right allow you to copy this specific message’s URL to share with another admin for quick viewing, mark the message as read/unread, and provide feedback thumbs up/down.

At the bottom of the message you’ve selected you’ll also notice a quick share button. Since the copy link feature requires the receiver be able to access the message center; the share button allows you to send a copy of the message itself to up two people (or a DL), send a copy to yourself, and include a personal message if you would like.

So now we’ve read our message, marked it as read (done automatically after leaving the message view), and archived it if we wanted to. Now continue on and read your messages taking action where needed!

Note: that a message marked as read for you does not mark a message as read for the other admins.

So the message center is great and contains a lot of valuable and important information but a weekly digest is just not enough. How do you get closer to real time notifications when something is happening? Keep on reading to find out!

Resource: Manage messages in Message Center

M365 Admin Mobile App

Microsoft has an Admin Mobile app for both iOS and Android that allows you to make quick changes to users and groups while on the go. But another great feature is the ability to get notifications from the message center via the app!

Main screen of admin app where you can quickly see message count and go to messages

You can also get to the messages by using the side nav. This is also where you’ll find the settings menu.

List of messages just as in the web view.

Going into a message we can see the information and quckly share via email as well.

Under settings > notifications > we can turn on message center notifications.

The mobile app is a great alternative to the web based message center and allows for those push notifications we all know and love to help grab your attention. But if we don’t want the app, or just don’t like the app, and still want a bit more control of the messages/notifications from the message center? Well we can use the power of the Graph API and Power Automate!

Custom Notifications with Power Automate

Microsoft publishes API’s that your organization can use to create custom management tools and/or dashboards of various services within M365. Today though we are going to focus on the O365 Management API which is where the activity feed services live that we know and love by the name of the message center!

With that API we can create a Power Automate workflow (previously known as Flow) to pull data from that API on a schedule and then send it out as an email to whoever we want. Now we can do that natively with the message center already so why add complexity? Well you can do a lot more cool stuff if you do things through Power Automate such as:

  • Send to multiple people (beyond two) without needing a DL
  • Send to external addresses or archiving services
  • Send to a Teams Channel
  • Send more frequently such as every 5 minutes (crazy!), hourly, or daily (now we are talking
  • Filter your email based on message severity/type etc.
  • Send different types of messages with different email templates
  • And much more

Other cool things you can do is use this data to publish to your own internal dash board that you then allow all users in the org to see. This is the most common use case primarily for Service Health (so end users can see EXO is down) but not so much for message center notifications but to each their own.

In this example I’m going to show a very brief example of how to create a flow that will pull the data from the management API every hour, filter based on severity, and then send that in a basic email format to various users.

Note: This requires a premium license of Power Automate as we are using the module HTTP to do a GET from the API endpoint. You can start a trial if you would like but will need to purchase licenses should you wish to keep this in production.

Register our “app” in Azure AD

Before we can leverage the Graph API we must first register this as an application in Azure AD and give it the appropriate permissions to actually pull the activity data we want from the management API. The nice thing is we can use this in other true applications beyond our little Power Automate flow like in an in house message center and so on. This demo is specifically to allow the flow to read the data but feel free to play around as you see fit.

Let’s start by going to our Azure AD Portal > https://aad.portal.azure.com > select Azure Active Directory in the left hand navigation bar (direct link)

Select App registrations under Manage.


Select + New Application at the top


For the title simply give it an easy to understand (friendly) name that represents what it will be doing. For mine I provided O365 Management API as the name in the event I use this in other applications. Leave the rest as default.


You will be automatically taken to the overview page of the new “app” we just registered. From here select API permissions under Manage.


You’ll see the permissions list and a default Graph API for User.Read. We shouldn’t need this permission so we can safely remove it by clicking the three dots to the right and removing this permission.


Now click on + Add a permission > select Office 365 Management APIs from the blocks of choices.


Then select Application permissions since this will be running in a flow and not directly tied to a user from an API perspective.


Now expand all of the permissions and select them all (Read) then click Add permissions.


After that is complete you will click on Grant admin consent for Contoso allowing this application the ability to use the API with those permission we granted. Once consent is provided it should look like below:

Now we need to create a secret to allow our flow to use this API. Click on Certificates & secrets under Manage.

Click on + New client secret > provide a description such as Message Center Flow > choose 1 or 2 years to expire (or never) just remember you’ll need to update the flow with a new secret if you let this expire > click Add.


Now you only have this one chance to grab the secret in plain text. Copy it temporarily somewhere super safe as this is what allows any applicaton/person to use the API permissions we’ve provided.


On top of needing our secret we will also need the Application (client) ID and Directory (tenant) ID which we can grab from the Overview page of our O365 Management API “application”. Copy these two values some where safe temporarily with your secret.

We are now done with the Azure AD portal and you can safely close it! Just keep those three values we copied handy and safe while we go and create our flow.

Time to create our flow! I mean Power Automate flow!

Navigate to https://flow.microsoft.com and sign in with your work account. Remember that all M365/O365 accounts automatically get Flow for O365 which is limited to primarily enhancing your Office 365 experience. Today we are going to use a premium feature which is to do an HTTP call. When you first click on this module it will ask to start a trial if you aren’t already licensed to use it.

Note: To learn more about Power Automate licensing I would check out this resource specific to EDU.

Click on Create from the left nav bar > then select Scheduled flow


Provide a name like Message Center Daily Email then choose when to start the flow and how often to run it.

Mine is going to start on the 27th of March at 7am and run that same time every day. > Click Create when ready.


Click on + New step to start building out the flow. I will break down the flow by each module below.

You will technically be starting after Recurrence but I mention it below as I made an adjustment.

We are going to have six “modules” (that’s what I call them) as part of our sample flow. Each one is broken in order below. Create your flow to match.

Recurrence: is the schedule (daily at 7am) that we set when creating the flow. This is automatically created for you. I did however adjust the time zone value and the at these hours value to reflect 7am no matter what.

Get activity feed from message center: this is an HTTP module set to GET which is what will call the API using the Active Directory OAuth to use our API permissions.

When in the + New Step window you will look for HTTP.

Tenant is the Directory ID, Client ID is the Application ID, and Secret is our secret we copied down before!


Parse activity feed: This is where we will use a Parse JSON data operation to make sense of the data we pulled from the API. So for Content we will add the dynamic content from Body of Get activity feed from message center. The schema used will be included below as well just copy and paste into the schema window.

{
    "type": "object",
    "properties": {
        "value": {
            "type": "array",
            "items": {
                "type": "object",
                "properties": {
                    "AffectedWorkloadDisplayNames": {
                        "type": "array"
                    },
                    "AffectedWorkloadNames": {
                        "type": "array"
                    },
                    "Status": {},
                    "Workload": {},
                    "WorkloadDisplayName": {},
                    "ActionType": {},
                    "AffectedTenantCount": {},
                    "AffectedUserCount": {},
                    "Classification": {},
                    "EndTime": {},
                    "Feature": {},
                    "FeatureDisplayName": {},
                    "Id": {},
                    "ImpactDescription": {},
                    "LastUpdatedTime": {},
                    "MessageType": {},
                    "Messages": {
                        "type": "array",
                        "items": {
                            "type": "object",
                            "properties": {
                                "MessageText": {
                                    "type": "string"
                                },
                                "PublishedTime": {
                                    "type": "string"
                                }
                            },
                            "required": [
                                "MessageText",
                                "PublishedTime"
                            ]
                        }
                    },
                    "PostIncidentDocumentUrl": {},
                    "Severity": {},
                    "StartTime": {},
                    "Title": {}
                },
                "required": []
            }
        }
    }
}

Filter activity feed: will use a Filter Array module to take the value from Parse activity feed and then filter it down only show items that equal a severity type of high. This is optional and configurable to what ever you want. You can use your flow to see all of your options for severity, message type etc. We however will not be covering that in this post.

Copy and past the expression after the screen shot to filter to high severity.

@and(equals(item()?['MessageType'], 'MessageCenter'), equals(item()?['Severity'], 'High'))

Create HTML table: This is an HTML table module where we will generate an HTML table layout to put our new data we filtered making our email easier to read and generate. Notice that we use Custom columns and I entered my own headers. You can label these whatever you want. The value column uses the variables from our Filter activity feed module.


Send an email (v2): This is named just like the module you’ll search for and use. Here is where we will customize the email we are going to send out daily at 7am.

  • To: put as many users as you want (within reason) or put a DL or a couple of DL’s go reasonably crazy! Already we can see the flexibility we have.
  • Subject: put any subject you want to designate what this email is. I also added an expression to stamp it with a date but you don’t need to.
  • Body: this is an HTML capable editor which you don’t need to fill out. You can simply add the variable Output from our Create HTML table module and it will auto generate the email for us based on that but my HTML code shown makes it a bit prettier to look at.
  • importance: I set to High since I’m pulling high severity messages.

You’ll notice other fields you can use as well such as From which I recommend using. This will require the creator of the flow to have send as and on behalf of rights to the shared mailbox or DL. (not covered here).

After your final save of your flow let’s test it! You can click on Test in the upper right hand corner > select I’ll perform the trigger action then click Test > then click Run flow.

After this is complete it should show your the flow’s real run time process with all green check marks. Afterwards you should see an email in your inbox that looks like:

Using the default formatting from our HTML table

Added HTML formatting

Final words

So now you’ve seen how to use the message center as is, leverage the mobile app for some added notification goodness, and how to create a custom flow to help give you some additional options and customizations! There is still so much more you can as this is just the beginning but hopefully it gets you interested enough to keep digging and learning.

No matter how you get the notifications from Microsoft, it is extremely important that you and your administrative staff in charge of M365/O365 pay attention to these as they do truly try to help keep you in the know of what’s to come, what’s happening, and other important information.

Cheers!