Features

What Microsoft 365 permissions does FYI require?

The integration with Microsoft 365 is essential for using FYI. Connecting the two systems allows users to work seamlessly using a cloud document management platform.

Below, we have covered detailed information on each of the permissions required by FYI, and its primary use.

These permissions can be viewed online in Microsoft Entra. Refer to the Microsoft article Review permissions granted to enterprise applications.

Microsoft Permission Details Primary Use by FYI

offline_access

Maintain access to data you have given it access to

Allows the app to see and update the data you gave it access to, even when users are not currently using the app. This does not give the app any additional permissions.

FYI (Core)

  • Enables the fetching of emails, documents etc without requiring the user to be logged into FYI for Web. eg. Importing emails into FYI from Outlook, documents from OneDrive etc

User.Read

Sign in and read user profile

Allows users to sign in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.

FYI (Core)

  • View the details of the logged-in user from Microsoft 365
  • Required to enable users to authenticate using M365

Mail.ReadWrite

Read and write access to user mail

Allows the app to create, read, update, and delete emails in user mailboxes. Does not include permission to send mail.

FYI (Core)

  • Integration with users' email inboxes to create and draft emails in Outlook

 

Mail.Send

Send mail as a user

Allows the app to send mail as users in the organization.

FYI (Core)

  • Send emails on behalf of the user

Files.ReadWrite.All

Have full access to all files user can access

Allows the app to read, create, update and delete all files the signed-in user can access.

FYI (Core & New Collaborate)

  • Process documents via OneDrive (Create, read, edit, add/remove permissions)

  • Nominated Practice OneDrive used for internal co-edit

  • Permissions are applied to the central user’s OneDrive account, internal staff are granted permission to access files stored there

  • Access individual OneDrive folders and documents - when editing documents via OneDrive/Using FYI Desktop configured to OneDrive

  • Provide internal users access to the Collaborate-configured SharePoint site

Calendars.ReadWrite

Have full access to user calendars

Allows the app to create, read, update, and delete events in user calendars.

FYI (Core)

  • Access users Calendars

  • Create, Read, Update, and Delete events in Calendars when using the Meeting function or Calendar Autofile

MailboxSettings.ReadWrite

Read and write user mailbox settings

Allows the app to create, read, update, and delete user's mailbox settings. Does not include permission to send mail.

FYI (Core)

  • Create a “Filed in FYI” category in users inboxes
  • Create “FYI-Drafts folder”

 

 

Sites.FullControl.All

Have full control of all site collections

Allows the application to have full control of all site collections on behalf of the signed-in user.

FYI (New Collaborate)

  • Create a new SharePoint site in Microsoft 365 when configuring Collaborate
  • Allows FYI to set the permissions of the site and the site’s document library for secure collaboration
  • Populate the new SharePoint site with a predefined template
  • Manage the guest user access at a site and folder level on the nominated SharePoint site.
  • Create folders in the nominated SharePoint Site
  • Remove permissions and folders from the SharePoint Site
  • Manage Permission Inheritance at site and Document Library level
  • Display a list of SharePoint communication sites in the Collaborate configuration
  • Note: FYI only has access to the SharePoint site configured in the Collaborate app. All other sites on Microsoft 365 are not managed by FYI.

User.Invite.All

Invite guest users to the organization

Allows the app to invite guest users to the organization, on behalf of the signed-in user.

FYI (New Collaborate)

  • Invite Guest Users to the organisation's Microsoft 365 when added to Collaborate Sharing Settings, or shared a document via Collaborate

 

Group.Read.All

Read all groups

Allows the app to list groups, and to read their properties and all group memberships on behalf of the signed-in user. Also allows the app to read calendar, conversations, files, and other group content for all groups the signed-in user can access.

FYI (New Collaborate)

  • Retrieve and display a list of the available Azure Security Groups in the Collaborate app

 

User.ReadWrite.All

Read and write all users' full profiles

Allows the app to read and write the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.

FYI (New Collaborate)

  • Create guest user accounts for clients when invited to New Collaborate
  • Retrieve the guest user account details when adding them to the nominated SharePoint site
  • Remove guest user accounts for clients when deleted from New Collaborate

 

Sites.ReadWrite.All

Edit or delete items in all site collections

Allows the application to edit or delete documents and list items in all site collections on behalf of the signed-in user.

FYI (New Collaborate)

  • Child of Sites.FullControl.All (mentioned above)

 

Was this article helpful?
0 out of 0 found this helpful