Permissions for Microsoft Graph
| Graph Permission | Application or Delegated* | Use by PoliteMail |
|---|---|---|
| GroupMember.Read.All | Both | Get the members of a group |
| Group.Read.All | Both | List and read groups and memberships |
| MailboxSettings.Read | Both | Retrieve working hours, time zone, and language preferences |
| OrgContact.Read.All | Both | Read Org Contacts properties including email address and other properties for personalization and sending |
| People.Read.All | Both | Read People lists and local contacts including email address and other properties for personalization and sending |
| User.Read | Delegated | Read properties of Users including email address and other properties for personalization and sending |
| User.Read.All | Both | Read properties of Users including email address and other properties for personalization |
| offline_access | Delegated | API Scope Permission that allows a delegated account to log in |
| openid | Delegated | API Scope Permission that allows a delegated account to log in |
| profile | Delegated | API Scope Permission that allows a delegated account to log in |
Permissions for EWS with OAuth
| Graph Permission | Application or Delegated* | Location in Azure | Use by PoliteMail |
|---|---|---|---|
| full_access_as_app** | Application | Office 365, Exchange Online | Use Exchange Web Services with full access to all mailboxes |
| EWS.AccessAsUser.All** | Delegated | Office 365, Exchange Online | Access mailboxes as the signed-in user via Exchange Web Services |
* PoliteMail needs both permissions to support real-time requests for the user and scheduled activities performed by the application including sending and list synchronization
** Further controls are available by using Application Scope to restrict by mailbox. More information can be found by clicking here.
