What Microsoft permissions does CultureAI need?

CultureAI requires Microsoft Graph API permissions to carry out Directory Syncing, enable Single Sign-On, and monitor various human risks.

*Please note: reaction-based message deletion requires the message poster to have a Microsoft DLP license within your Azure administration. This currently means a Microsoft 365 E5/A5/G5/F5 license.


The table below outlines the permissions required for each functionality:

| Functionality | Permission | Description |
| --- | --- | --- |
| Directory Syncing (Azure AD) | Directory.Read.All | Read directory data |
| SSO (Azure AD) | User.Read | Sign in and read user profile |
| General Integration | AuditLog.Read.All | Read all audit log data |
| | Device.Read.All | Read all devices |
| | Directory.Read.All | Read directory data |
| | IdentityRiskEvent.Read.All | Read all identity risk event information |
| | IdentityRiskyUser.Read.All | Read all identity risky user information |
| | MailboxSettings.Read | Read all user mailbox settings |
| | Policy.Read.All | Read your organization's policies |
| | Policy.Read.ConditionalAccess | Read your organization's conditional access policies |
| | Reports.Read.All | Read all usage reports |
| | SecurityActions.Read.All | Read your organization's security actions |
| | SecurityEvents.Read.All | Read your organization’s security events |
| | SecurityEvents.ReadWrite.All | Read and update your organization’s security events |
| | Teamwork.Migrate.All | Create chat and channel messages with anyone's identity and with any timestamp |
| | ThreatAssessment.Read.All | Read threat assessment requests |
| | ThreatIndicators.Read.All | Read all threat indicators |
| | User.Read | Sign in and read user profile |
| | User.Read.All | Read all users' full profiles |
| | UserAuthenticationMethod.Read.All | Read all users' authentication methods |
| Microsoft Teams Integration | AppCatalog.ReadWrite.All | Read and write to all app catalogs |
| | Channel.ReadBasic.All | Read the names and descriptions of all channels |
| | ChannelMember.Read.All | Read the members of all channels |
| | ChannelMessage.Read.All | Read all channel messages |
| | ChannelMessage.UpdatePolicyViolation.All | Flag channel messages for violating policy |
| | ChannelSettings.Read.All | Read the names, descriptions, and settings of all channels |
| | Chat.Create | Create chats |
| | Chat.Read.All | Read all chat messages |
| | Chat.ReadBasic.All | Read names and members of all chat threads |
| | Chat.UpdatePolicyViolation.All | Flag chat messages for violating policy |
| | ChatMember.Read.All | Read the members of all chats |
| | ChatMessage.Read.All | Read all chat messages |
| | Directory.Read.All | Read directory data |
| | TeamsAppInstallation.ReadWriteForChat.All | Manage Teams apps for all chats |
| | TeamsAppInstallation.ReadWriteForTeam.All | Manage Teams apps for all teams |
| | TeamsAppInstallation.ReadWriteForUser.All | Manage Teams apps for all users |
| | User.Read | Sign in and read user profile |
| | User.Read.All | Read all users' full profiles |