Azure Web App Permissions for Microsoft Office 365 Teams

Azure Web App Permissions for Microsoft Office 365 Teams

Netskope seeks consent for the following Azure web app permissions for Microsoft Office 365 Teams:

APIPermissionDescriptionNetskope Use Case
Microsoft Graph APIChannelMessage.Read.AllRead all channel messages.Channel notification/access channel web URL from the UI page.
ChannelMember.Read.AllRead all channel members.Read access to members of a channel.
ChannelMessage.UpdatePolicy Violation.AllFlag channel messages for violating policy.Block access.
Chat.Read.AllRead all 1:1 or group chat messages in Microsoft Teams, without a signed-in user.Channel notification/access channel web URL from the UI page.
Chat.ReadBasic.AllRead names and members of all chat threads.Chat members and exposure.
Chat.ReadWrite.AllRead and write all chat messages.Send alerts in chat. This API is not in use. Netskope may support this API in future use cases.
Chat.UpdatePolicyViolation.AllFlag chat messages for violating policy.Block access.
Directory.Read.AllRead directory data.Read access to user group team objects.
Files.Read.AllRead files in all site collections.Download files from OneDrive.
Files.ReadWrite.AllRead, create, update, and delete all files the signed-in user can access.Malware threat protection (quarantine & tombstone).
Group.Read.AllRead all groups.Read teams.
GroupMember.Read.AllRead all group memberships.Read team members.
Reports.Read.AllRead all usage reports.This API is not in use. Netskope may support this API in future use cases.
Sites.Read.AllRead items in all site collections (preview).Download files from sites.
TeamsActivity.Read.AllRead all users' teamwork activity feedUser activities.
TeamsApp.Read.AllRead all users' installed Teams apps.Read the MS Teams apps installed for all users.

Note


The API does not have the ability to read application-specific settings.


User.Read.AllRead all users' full profiles.Read user.
Office 365 Management APIActivityFeed.ReadRead activity data of your organization.Audit logs.
ActivityFeed.ReadDlpRead DLP policy events including detected sensitive data.
ActivityReports.ReadRead activity reports of your organization.
ServiceHealth.ReadRead service health information of your organization.
ThreatIntelligence.ReadRead threat intelligence data of your organization.
Share this Doc

Azure Web App Permissions for Microsoft Office 365 Teams

Or copy link

In this topic ...