Skip to main content

How it's built

Kybera Impact is composed of three Microsoft platforms — Microsoft 365, Azure, and Power Platform — running entirely in your tenant and your Azure subscription. Every piece of infrastructure is something Microsoft already operates on your behalf.

How a request flows

A typical workspace request moves through the platform like this:

  1. A user submits the request in a Power App in your Power Platform environment.
  2. The request is written to a SharePoint list on the Kybera Impact portal — a regular SharePoint site in your tenant.
  3. A Power Automate flow notifies the relevant business broker for review.
  4. Once approved, an Azure Automation runbook runs the provisioning pipeline against Microsoft 365.
  5. A bilingual email notification confirms to the requester that their workspace is ready.

The entire chain runs on Microsoft's own services, in your tenant. There's no intermediate hosted service, no Kybera-operated middleware, no off-tenant processing.

The components

  • Microsoft 365 hosts the workspaces, the Kybera Impact portal, the content-type hub, and the term store. Microsoft Teams provides the Teams-connected workspace experience.
  • Azure hosts the automation that does the work. Azure Automation runbooks handle provisioning, compliance, audit, lifecycle, and reconciliation. Key Vault holds the platform's small set of secrets. Storage bridges between the two automation runtimes.
  • Power Platform hosts the four apps and the Power Automate flows that bridge user actions to Azure Automation.
  • Microsoft Graph is how the platform reaches Microsoft Teams, usage reporting, identity, and Purview-related operations.

Why your organization benefits

  • One tenant boundary, one update cadence, one security review, one cost line. Building governance on Microsoft's own services collapses what would otherwise be a multi-vendor integration into a single platform you already trust.
  • No new infrastructure to operate. Every component is something Microsoft already manages. Your IT team is operating Microsoft 365 and Azure — the same services they already operate.
  • Designed for Microsoft's primitives. The platform respects Microsoft's list view thresholds, delegation limits, and rate limits — so it works correctly at scale without surprises.

Where this fits

The full picture of authentication and permissions is in Security & tenant boundaries. How Kybera Impact extends Microsoft's own services is in Microsoft alignment.