I built an AI help desk that only says what your IT team already approved

Figure 1. AI Help Desk Assistant Operations Dashboard

SharePoint page, an old email someone forwarded six times, a Word document nobody had touched in two years. Someone still had to read the ticket, find the right answer, and type the reply. Every time.


So I built a workflow to handle it.

What I built

An IT help desk pipeline running on Microsoft 365 and n8n. It handles three intake channels: Outlook, Microsoft Teams, and voice, using the same SharePoint knowledge base across all three. Every reply that reaches an employee was written and approved by the IT team in advance. The AI decides which resolution fits or whether escalation is needed. SharePoint supplies the exact text of the fix steps.

n8n is the orchestration layer for Outlook and Teams. It receives the trigger, normalizes the payload, classifies the ticket via Azure OpenAI, queries SharePoint, routes to auto-resolve or escalation, sends replies, posts Teams cards, and writes to the execution log.

The voice channel works differently. ElevenLabs runs the conversation and calls out to n8n via six dedicated webhooks when it needs to take action: verify the caller, fetch the current KB intents, look up a resolution, send instructions by email, escalate, or log the outcome. n8n handles the execution. ElevenLabs drives the call. The full pipeline runs across ten dedicated n8n workflows: two for email and Teams intake, two for shared infrastructure, and six for the voice channel.

Three third-party components handle the parts Microsoft does not cover natively: n8n for workflow orchestration, ElevenLabs for the voice agent, and Twilio for the phone number. All three require a paid subscription. Power Automate is also required for Teams card posting and is included in most Microsoft 365 business plans, but confirm your plan covers webhook-triggered flows before building.

Classification runs on GPT-5.4-mini deployed via Azure OpenAI through Microsoft Foundry.


Figure 2. AI Model Deployed in Microsoft Foundry

The voice agent runs on Claude Sonnet 4.6 inside ElevenLabs.


Figure 3. ElevenLabs Voice Agent Settings

The knowledge base

Everything starts here. Your IT team adds a row to a SharePoint list for each issue category: resolution steps, estimated fix time, and an optional KB article link. Anyone on the team can edit it like a spreadsheet.

The intent list is fetched dynamically from SharePoint at runtime. Add a new row and all three channels pick it up on the next request. No workflow changes, no prompt edits, no redeployment.

Figure 4. SharePoint HelpDeskKB List

Three intake channels, one pipeline

Outlook:
A Microsoft Graph Change Notification fires the moment a new email hits the shared help desk mailbox. The workflow responds immediately with HTTP 200 to prevent Microsoft retry behavior, fetches the KB list, classifies the ticket, and routes it to auto-resolve or escalation. Emails sent by the shared mailbox itself are filtered out to prevent reply loops.

Figure 5. Outlook channel n8n workflow

One important detail: the Graph subscription has a 3-day maximum expiry enforced by Microsoft. A dedicated Renew Graph Subscription workflow runs every 2 days and extends the subscription automatically via a PATCH call. The Outlook trigger stays live without manual intervention.

Figure 6. Graph Subscription renewal n8n workflow

Microsoft Teams:
Employees post IT requests to a designated Service Desk channel. A scheduled workflow runs every 30 minutes, reads the last-processed timestamp from a SharePoint list, and pulls messages created after that point. After processing, it updates the timestamp. That single-row SharePoint list is how duplicate processing is prevented across poll cycles. For each message, the workflow resolves the sender's Azure AD object ID to their real user principal name via the Microsoft Graph API before classification runs.

Figure 7. Microsoft Teams n8n workflow

Voice:
An employee calls a dedicated number handled by an ElevenLabs AI voice agent. ElevenLabs connects to n8n via six dedicated webhook workflows that handle all M365 work on behalf of the agent: identity verification, KB intent fetching, resolution lookup, email delivery, escalation, and outcome logging. The voice channel uses the same SharePoint knowledge base, execution log, and Graph API App Registration as the Outlook and Teams channels.

Figure 8. ElevenLabs voice agent tools panel with the six configured tools

Figure 9. ElevenLabs voice agent n8n workflows

The voice channel: identity first

Before the agent discusses anything IT-related, it asks for the employee's ID. That ID is checked against the live Entra ID directory via the Microsoft Graph API.

Active account: the call continues. Disabled account: the caller is directed to their manager or HR.

Figure 10. Caller verification n8n workflow

No separate employee database. No list to maintain. Terminated employees are blocked automatically when their Entra ID account is disabled. New hires are verifiable the moment their account is provisioned.

If employees are unlikely to remember a numeric employee ID, there is an SMS-based alternative that works with the existing stack. The caller provides their name or work email, n8n retrieves their mobile number from Entra ID via the Microsoft Graph API, Twilio sends a one-time code by SMS, and the agent asks the caller to read it back. No new platforms required, just mobile numbers populated on Entra ID user profiles and an updated verification workflow in n8n.

Note: this approach requires User.Read.All on the App Registration, which is a broader Graph permission scope than the base build grants. It is not included in the default configuration and should be assessed against your organisation's permission policies before implementing.

Once verified, the agent fetches the current support categories from SharePoint and listens to the issue. It either walks through resolution steps verbally, emails them to the caller's work address, or escalates to the Service Desk with a callback number. Everything gets logged to SharePoint either way.

Figure 11. Voice channel KB lookup n8n workflow

Figure 12. Voice channel send instructions n8n workflow

Figure 13. Voice channel escalation n8n workflow

How the AI works

I kept the AI role as small as possible.

It reads the incoming message and matches it to one of the intent categories in the SharePoint KB. It returns a confidence score alongside the category. If that score is above 0.75 and a KB match exists, n8n sends the pre-approved resolution to the user and posts an auto-resolved summary card to the Service Desk manager's Teams channel.

Figure 14. Auto-resolve email sent to a user with the resolution steps

Figure 15. Teams auto-resolved card posted in Service Desk Manager channel.

If that score is below 0.75, the user does not get an automated reply. The issue is escalated to a human agent instead. An escalation email is sent to the Service Desk team's email address, an escalation card is posted to the Service Desk Teams channel, and the user receives an email with the escalation information.

Figure 16. Escalation reference email sent to a user

Figure 17. Escalation email sent to Service Desk team

Figure 18. Escalation card posted in Service Desk Teams channel

Follow-up detection works as a separate check. The system scans the message body and subject line for signals that the employee is responding to a prior automated reply: phrases like "still not working" or a subject line starting with Re:. When those signals are present, the ticket escalates immediately. The escalation reason is prefixed with FOLLOW-UP so the agent knows what they are dealing with before opening it.

One thing to be explicit about: the AI does not write the reply. Once a category is confirmed, the workflow does a deterministic lookup in SharePoint and sends the stored resolution text exactly as written. Not a generated paraphrase. Not a summary. The exact text your IT team approved.
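
The routing rules above (follow-up check, 0.75 threshold, deterministic lookup) as an added example, not the author's n8n workflow code. The function names, the sample KB rows and the JSON shape of the classifier output (category, confidence) are assumptions; the classifier output is treated as untrusted input and anything malformed escalates to a human.

```javascript
// Added example, not the author's workflow code. Names and the JSON shape are assumptions.
const THRESHOLD = 0.75; // threshold stated in the article
const FOLLOW_UP_PHRASES = ["still not working"]; // the one phrase the article quotes

// Constructed stand-in for the SharePoint KB list: intent -> approved resolution text.
const SAMPLE_KB = new Map([
  ["vpn_connect", "1. Open the VPN client.\n2. Sign in with your work account."],
  ["printer_offline", "1. Power-cycle the printer.\n2. Re-add it from Settings."],
]);

function isFollowUp(ticket) {
  const subject = (ticket.subject || "").trim().toLowerCase();
  const body = (ticket.body || "").toLowerCase();
  return subject.startsWith("re:") || FOLLOW_UP_PHRASES.some((p) => body.includes(p));
}

// modelOutput is the raw string returned by the classifier.
function routeTicket(ticket, modelOutput, kb = SAMPLE_KB) {
  if (isFollowUp(ticket)) {
    return { action: "escalate", reason: "FOLLOW-UP: reply to a prior automated message" };
  }
  let parsed;
  try {
    parsed = JSON.parse(modelOutput);
  } catch {
    return { action: "escalate", reason: "classifier output was not valid JSON" };
  }
  const { category, confidence } = parsed ?? {};
  const validScore = typeof confidence === "number" && confidence >= 0 && confidence <= 1;
  if (!validScore) {
    return { action: "escalate", reason: "confidence missing or out of range" };
  }
  // Allowlist check: only intents that exist as KB rows can ever be auto-resolved.
  if (typeof category !== "string" || !kb.has(category)) {
    return { action: "escalate", reason: "category not in the approved KB" };
  }
  // The article does not say what happens at exactly 0.75; this example escalates.
  if (!(confidence > THRESHOLD)) {
    return { action: "escalate", reason: `confidence ${confidence} is not above ${THRESHOLD}` };
  }
  // Deterministic lookup: the reply is the stored text, unchanged.
  return { action: "auto_resolve", category, reply: kb.get(category) };
}
```

Because the reply is always kb.get(category), text inside a ticket can at most influence which approved answer is selected, never what the answer says.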

Figure 19. Follow-up escalation email sent to Service Desk team

Figure 20. Follow-up escalation card posted in Service Desk Teams channel

Teams notifications and Power Automate flows

Three Microsoft Teams groups keep employees, agents, and managers in separate channels.

• Service_Desk_Tickets: where employees post IT requests and receive replies
• Service_Desk: where agents receive escalation cards
• Service_Desk_Manager: where managers see auto-resolve summaries and error alerts

Teams card posting runs through Power Automate webhook flows. One flow per channel, three flows total. This is the current approach for posting adaptive cards to Teams channels from external systems. Office 365 Connectors were retired in May 2026 and are no longer a viable option.

One constraint worth knowing: private Teams channels do not support Power Automate webhook flows targeting them directly. The three-team structure is the workaround that keeps each audience in its own lane.

Cards are color coded. Blue for auto-resolved. Orange for escalation. Red for system errors.


Figure 21. Power Automate webhook flows for Teams card posting

When something goes wrong

Every workflow in the pipeline has a dedicated Error Handler workflow assigned to it. When any node fails, n8n triggers the Error Handler automatically. It posts a red alert card to the Service Desk Manager Teams channel with the workflow name, the failed node, the error message, and the execution ID. The manager knows about the failure immediately, with enough context to act on it.

The error is also written to the same SharePoint execution log as normal ticket outcomes, so failures show up in the dashboard alongside volume and resolution metrics.

Figure 21. n8n Error Handler workflow

What I intentionally did not automate

This system does not reset passwords. It does not modify user accounts. It does not grant SharePoint permissions. It does not change group memberships. It does not generate new employee-facing answers. It does not process external senders.

That was deliberate. The goal was not to build an autonomous admin agent. The goal was to reduce repetitive L1 work while keeping human control over anything that touches access, identity, security, or production configuration.

The safest version of this system is classification plus approved knowledge retrieval. Not unrestricted action.


The security model

A few things that matter if you are showing this to anyone with a security or compliance role.

Authentication runs through an Azure App Registration using OAuth 2.0 client credentials flow. All credentials are stored in n8n's encrypted credential store, not hardcoded in any workflow. Graph API permissions are scoped to the minimum required for each function.

The shared help desk mailbox has RequireSenderAuthenticationEnabled set to Yes in Exchange Online. This blocks all unauthenticated external senders at the transport layer before any message reaches the inbox. The Outlook workflow adds a second check: it verifies the sender domain before processing. The Teams workflow goes further and verifies both the sender domain and the Teams tenant ID. Anything that does not match is silently dropped. No reply, no classification, no log entry.
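
One way to write the workflow-level sender check described above, together with the reply-loop filter from the Outlook channel, as an added example that is not the author's n8n code. The domain, tenant ID, mailbox address and function names are constructed placeholders.

```javascript
// Added example, not the author's workflow code. All names and values are constructed.
const ALLOWED_DOMAINS = new Set(["contoso.example"]);
const ALLOWED_TENANT = "00000000-0000-0000-0000-000000000000"; // placeholder tenant ID
const SHARED_MAILBOX = "helpdesk@contoso.example"; // placeholder help desk address

// Normalise a bare address; return null for anything that is not local@domain.
function parseAddress(address) {
  if (typeof address !== "string") return null;
  const addr = address.trim().toLowerCase();
  // Exactly one "@", no whitespace, quotes or display-name brackets.
  if (!/^[^\s@<>"]+@[^\s@<>"]+$/.test(addr)) return null;
  return { addr, domain: addr.slice(addr.indexOf("@") + 1) };
}

// channel is "outlook" or "teams"; for Teams, msg.from is the resolved UPN.
function isAllowedSender(msg, channel) {
  const parsed = parseAddress(msg?.from);
  if (parsed === null) return false;
  if (parsed.addr === SHARED_MAILBOX) return false; // reply-loop guard
  // Exact match on the whole domain. A suffix test such as endsWith("contoso.example")
  // would also accept "notcontoso.example".
  if (!ALLOWED_DOMAINS.has(parsed.domain)) return false;
  if (channel === "teams") {
    return typeof msg.tenantId === "string" && msg.tenantId.toLowerCase() === ALLOWED_TENANT;
  }
  return channel === "outlook";
}

// Silent drop: rejected messages produce no reply, no classification and no log entry.
function filterInbound(messages, channel) {
  return messages.filter((m) => isAllowedSender(m, channel));
}
```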

SharePoint data, email content, and identity infrastructure stay inside your M365 tenant. For Outlook and Teams tickets, the AI classification call is the only point where ticket content leaves the tenant boundary, and that goes to Azure OpenAI hosted within Microsoft's infrastructure. The voice channel is different. Phone calls route through Twilio and the conversation runs inside ElevenLabs, both of which are outside Microsoft's infrastructure. That is worth factoring in if you have strict data residency requirements.


The operations dashboard

Every outcome is logged to a SharePoint list with a timestamp, channel, intent, confidence score, and resolution time. A browser-based dashboard reads that log in real time via the Microsoft Graph API and shows auto-resolve rates, escalation patterns and daily ticket volume.

The dashboard is a single HTML file hosted on Azure Static Web Apps and deployed automatically via GitHub Actions on every push to the main branch. No server to maintain. The App Registration that powers the automation also handles dashboard authentication, so there is no separate auth layer to configure.

Access is gated through Entra ID. Assignment Required is set to Yes on the Enterprise Application. Anyone without an authorized account hits an access denied screen at the Microsoft login. They never reach the dashboard.

Figure 22. IT Helpdesk Automation Console sign-in screen gated by Entra ID

Figure 23. IT Helpdesk Automation Console operations dashboard

Figure 24. IT Helpdesk Automation Console ticket log

What can be adjusted

The system is built to adapt. Nothing is hardcoded beyond what you configure.

The knowledge base drives everything. Add, edit, or remove KB articles in SharePoint and the change reflects across all three channels on the next request.

The confidence threshold is adjustable. Raising it routes more tickets to human agents. Lowering it increases the auto-resolve rate. The right setting depends on your KB coverage and how risk-tolerant your team is with automated replies.

The AI model is swappable. Classification currently runs on GPT-5.4-mini via Azure OpenAI. Higher volume deployments can switch to GPT-5.4-nano for lower cost per call. The voice, tone, and persona of the AI voice agent can be switched from the ElevenLabs settings panel without touching any workflow.

Each intake channel can be enabled or disabled independently. The voice channel in particular can be built and tested after the email and Teams channels are confirmed working.

Escalation routing can connect directly to the existing ticketing system. Instead of forwarding to a shared mailbox, the escalation path can create records in ServiceNow, Jira Service Management, Freshservice, or Zendesk via API, with all classified fields pre-populated.

This is a system I built. If it looks like something your IT team could use, I would be happy to help you implement it.