Microsoft Office 365 and Netskope API Data Protection Frequently Asked Questions

A: Microsoft Office 365 Outlook uses the following APIs:

A: The way permissions work in Azure/Office 365 is that Netskope requires an administrator to grant enough privileges for Netskope to perform specific actions. Note that the Netskope app does not receive global admin permissions. It only receives permissions for the scope Netskope requests for (listed below at the time of grant):

In particular, the global admin is the only user that can delegate access for application-level permission (as opposed to user level permissions). You can find additional Microsoft documentation on how all these work here. Furthermore, global admin credential is required for Graph and Office 365 Management APIs. Post-grant, Netskope is independent of the granting account for policy processing.