Permissions
This document covers information on what permissions the Popl integration with Azure Active Directory uses.
Least Privilege
Our integration with Azure AD utilizes Role Based Access Controls (RBAC) which in turn uses the security principle of least privilege. Least privilege means that the enterprise app created by the integration has precisely the amount of privilege that is necessary to perform a job and nothing more.
Permissions
The Azure Active Directory integration uses the following read only permissions:
| Permission Name | Type | Description |
|---|---|---|
Directory.Read.All | Delegated | Read directory data |
Delegated | View users' email address | |
Group.Read.All | Delegated | Read all groups |
GroupMember.Read.All | Delegated | Read group memberships |
offline_access | Delegated | Maintain access to data you have given it access to |
openid | Delegated | Sign users in |
User.Read | Delegated | Sign in and read user profile |
User.Read.All | Delegated | Read all users' full profiles |
User.ReadBasic.All | Delegated | Read all users' basic profiles |
If any issues or questions, please contact us at teams@popl.co, we are available nearly 24/7 and will get back to you within 6-8 hours or less.
With 🤍 from Popl.
Last updated