Permissions
This document covers information on what permissions the Popl integration with Azure Active Directory uses.
Least Privilege
Our integration with Azure AD utilizes Role Based Access Controls (RBAC) which in turn uses the security principle of least privilege. Least privilege means that the enterprise app created by the integration has precisely the amount of privilege that is necessary to perform a job and nothing more.
Permissions
The Azure Active Directory integration uses the following read only, only delegated permissions:
Delegated
View users' email address
Group.Read.All
Delegated
Read all groups
GroupMember.Read.All
Delegated
Read group memberships
offline_access
Delegated
Maintain access to data you have given it access to
openid
Delegated
Sign users in
User.Read
Delegated
Sign in and read user profile
User.Read.All
Delegated
Read all users' full profiles
User.ReadBasic.All
Delegated
Read all users' basic profiles
If any issues or questions, please contact us at teams@popl.co, we are available nearly 24/7 and will get back to you within 6-8 hours or less.
With 🤍 from Popl.
Last updated