Microsoft 365 admin account

Last updated
Save as PDF

The Microsoft 365 admin account provides consent for the Microsoft 365 integration to receive notifications from the subscribed calendars, and to amend calendar appointments.

The Microsoft 365 admin account must grant consent for Condeco to use User.Read and Calendars.ReadWrite however, an Application Access Policy can be configured to allow or deny access to specific Microsoft Outlook calendars.

Learn more about configuring an Application Access Policy at Microsoft https://docs.microsoft.com/en-us/graph/auth-limit-mailbox-access.

It is a requirement that the Microsoft 365 admin account grants consent to access the user calendars defined by the Application Access Policy, however, Condeco only subscribes to the calendars of users who have authorized this via the Condeco Outlook Add-in.

Accepting permissions

During the onboard process, you are prompted to grant the Microsoft 365 admin account access to the Condeco Token Provider application that uses Microsoft Graph:

	Description	Permission Type	Reason
User.Read	Sign in and read user account.	Delegated	Required to read the Exchange Admin’s identity and tenant information during the consent flow.
User.ReadBasic.All	Read the basic profile details of all users[User.ReadBasic.All]	Application	Required to get a user’s basic details (including GUID identifiers) which is used when subscribing.
Calendars.ReadWrite	Read and write calendars in all mailboxes.	Application	Required to read and update events within users’ calendars.

Condeco Microsoft 365 integration home

Accepting permissions

Description

Permission Type

Reason