Does my authenticating account for O365 need to have full admin permissions?
If you are asking with respect to privacy concerns or want to know how we will use your data
- We use your data only to provide you with effective cybersecurity
- Our apps do not have the permissions of the account you use to authenticate. They have only the permissions granted to us (below, also listed on the authorization screen when you set up an Office 365 app).
- For details, see our Terms of Service, particularly the Privacy Policy in Section 3 and the "How We Protect Your Data" addendum
There are two requirements for the authenticating account.
- In addition to the permissions listed below, the account needs to have either a Security Reader or Report Reader role. NOTE - A global admin does not automatically have these roles. See > How To Add Security Reader Role in Azure Portal
- The admin needs to have an Azure AD P1 or P2 license. See > How to Add Azure AD Premium P1 or P2
After adding roles and the P1 or P2, you must re-authenticate via the RocketCyber Office 365 App for the changes to take effect.
If you are asking to verify account permissions
Permissions our apps require are:
openid
profile
offline_access
User.ReadWrite.All
SecurityEvents.Read.All
AuditLog.Read.All
IdentityRiskEvent.Read.All
IdentityProvider.Read.All
IdentityRiskyUser.Read.All
Directory.Read.All
ThreatIndicators.ReadWrite.OwnedBy
Reports.Read.All
MailboxSettings.Read
Mail.ReadWrite
These permissions are automatically assigned to the app during the authentication process. You cannot manually add these permissions to the app. If you are experiencing problems you may want to remove the app from your Office 365 Tenant and attempt to re-authenticate.