Permission

On the following page you see an overview of the required permissions.

Easy Directory requires two separate app registrations within your tenant to ensure functionality and security:

Easy Directory 2.0: This primary app handles the core functionalities, enabling the display of your contacts directly within Microsoft Teams.
Easy Platform Configuration Portal: To enhance security, a second app registration with elevated permissions is used for configuration tasks. This app allows:
- Access to contacts stored in shared mailboxes.
- The provision of a dedicated portal for managing contacts and views.

Access to the Easy Platform Configuration Portal is restricted to users assigned the Teams Administrator role, ensuring that only authorized personnel can manage the platform’s configuration and permissions.

This two-app approach guarantees both robust functionality and a secure management environment for Easy Directory.

Easy Directory 2.0 App

Permission

Description

Presence.Read.All

Allows the app to read presence information of all users in the directory on behalf of the signed-in user. Presence information includes activity, availability, status note, calendar out-of-office message, timezone and location.

User.Read

Allows users to sign-in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.

User.ReadBasic.All

Allows the app to read a basic set of profile properties of other users in your organization on behalf of the signed-in user. This includes display name, first and last name, email address and photo.

Easy Platform Configuration Portal App

Permission

Description

User.Read

Allows users to sign-in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.

openid

Allows users to sign in to the app with their work or school accounts and allows the app to see basic user profile information.

profile

Allows the app to see your users' basic profile (e.g., name, picture, user name, email address)

offline_access

Allows the app to see and update the data you gave it access to, even when users are not currently using the app. This does not give the app any additional permissions.

Application.Read.All

Allows the app to read applications and service principals on behalf of the signed-in user.

PreviousPurchase license NextData Security and Handling with Easy Directory

Last updated 12 days ago