Azure Web App Permissions for Microsoft Office 365 Teams
Azure Web App Permissions for Microsoft Office 365 Teams
Netskope seeks consent for the following Azure web app permissions for Microsoft Office 365 Teams:
API | Permission | Description | Netskope Use Case |
---|---|---|---|
Microsoft Graph API | ChannelMessage.Read.All | Read all channel messages. | Channel notification/access channel web URL from the UI page. |
ChannelMember.Read.All | Read all channel members. | Read access to members of a channel. | |
ChannelMessage.UpdatePolicy Violation.All | Flag channel messages for violating policy. | Block access. | |
Chat.Read.All | Read all 1:1 or group chat messages in Microsoft Teams, without a signed-in user. | Channel notification/access channel web URL from the UI page. | |
Chat.ReadBasic.All | Read names and members of all chat threads. | Chat members and exposure. | |
Chat.ReadWrite.All | Read and write all chat messages. | Send alerts in chat. This API is not in use. Netskope may support this API in future use cases. | |
Chat.UpdatePolicyViolation.All | Flag chat messages for violating policy. | Block access. | |
Directory.Read.All | Read directory data. | Read access to user group team objects. | |
Files.Read.All | Read files in all site collections. | Download files from OneDrive. | |
Files.ReadWrite.All | Read, create, update, and delete all files the signed-in user can access. | Malware threat protection (quarantine & tombstone). | |
Group.Read.All | Read all groups. | Read teams. | |
GroupMember.Read.All | Read all group memberships. | Read team members. | |
Reports.Read.All | Read all usage reports. | This API is not in use. Netskope may support this API in future use cases. | |
Sites.Read.All | Read items in all site collections (preview). | Download files from sites. | |
TeamsActivity.Read.All | Read all users' teamwork activity feed | User activities. | |
TeamsApp.Read.All | Read all users' installed Teams apps. | Read the MS Teams apps installed for all users. Note The API does not have the ability to read application-specific settings. |
|
User.Read.All | Read all users' full profiles. | Read user. | |
Office 365 Management API | ActivityFeed.Read | Read activity data of your organization. | Audit logs. |
ActivityFeed.ReadDlp | Read DLP policy events including detected sensitive data. | ||
ActivityReports.Read | Read activity reports of your organization. | ||
ServiceHealth.Read | Read service health information of your organization. | ||
ThreatIntelligence.Read | Read threat intelligence data of your organization. |