API / Permissions name |
Type |
Description |
Admin consent required |
Microsoft Graph (6) |
|
|
|
|
Delegated |
View users' email address |
No |
Group.Read.All |
Delegated |
Read all groups |
Yes |
offline_access |
Delegated |
Maintain access to data you have given it access to |
No |
openid |
Delegated |
Sign users in |
No |
profile |
Delegated |
View users' basic profile |
No |
User.Read |
Delegated |
Sign in and read user profile |
No |
- Groups are retrieved during the onboarding process and listed so they can be mapped to a role in Workspace.
- Groups are retrieved after a given user’s ID token has been validated in order to determine the user’s role in Workspace (based on the mapping that is performed during the onboarding process (see 1)).
- User profiles are read in order to retrieve their profile photo for their avatar in Workspace after it has been determined that they belong to a Workspace role (see 2).
Comments
0 comments
Article is closed for comments.