Permissions

This document covers information on what permissions the Popl integration with Azure Active Directory uses.

Least Privilege

Our integration with Azure AD utilizes Role Based Access Controls (RBAC) which in turn uses the security principle of least privilege. Least privilege means that the enterprise app created by the integration has precisely the amount of privilege that is necessary to perform a job and nothing more.

Permissions

The Azure Active Directory integration uses the following read only, only delegated permissions:

Permission Name
Type
Description

Email

Delegated

View users' email address

Group.Read.All

Delegated

Read all groups

GroupMember.Read.All

Delegated

Read group memberships

offline_access

Delegated

Maintain access to data you have given it access to

openid

Delegated

Sign users in

User.Read

Delegated

Sign in and read user profile

User.Read.All

Delegated

Read all users' full profiles

User.ReadBasic.All

Delegated

Read all users' basic profiles

If any issues or questions, please contact us at teams@popl.co, we are available nearly 24/7 and will get back to you within 6-8 hours or less.

With 🤍 from Popl.

Last updated