Netskope Help

Azure Web App Permissions for Microsoft Office 365 OneDrive

Netskope seeks consent for the following Azure web app permissions for Microsoft Office 365 OneDrive:

API

Permission

Description

Netskope Use Case

Azure Active Directory Graph API

Directory.Read.All

Read directory data.

User listing.

User.Read

Sign in and read user profile.

User meta information.

Microsoft Graph API

Directory.Read.All

Read directory data.

User listing.

Sites.FullControl.All

Have full control of all site collections.

Filters out duplicate notification using the header deltashowsharingchanges.

Files.ReadWrite.All

Read and write files in all site collections.

File listing, file download, quarantine, legal hold.

Group.Read.All

Read all groups.

Determine user groups.

Reports.Read.All

Read all usage reports.

User activities.

Sites.ReadWrite.All

Read and write items in all site collections (preview).

Site listing, file download, quarantine, legal hold.

Office 365 Management API

ActivityFeed.Read

Read activity data of your organization.

Audit logs.

ActivityFeed.ReadDlp

Read DLP policy events including detected sensitive data.

ActivityReports.Read

Read activity reports of your organization.

ServiceHealth.Read

Information of your organization.

ThreatIntelligence.Read

Read threat intelligence data of your organization.