What Permissions Does My Account Need for Office 365 Apps?

Does my authenticating account for O365 need to have full admin permissions?

If you are asking with respect to privacy concerns or want to know how we will use your data

  • We use your data only to provide you with effective cyber security
  • For details, see our Terms of Service, particularly the Privacy Policy in Section 3 and the "How We Protect Your Data" addendum

If you are asking to make a minimal permissions account

Good job! That is an excellent idea.

Permissions needed for our apps are:

openid
profile
email
offline_access
User.ReadWrite.All
SecurityEvents.Read.All
AuditLog.Read.All
IdentityRiskEvent.Read.All
IdentityProvider.Read.All
IdentityRiskyUser.Read.All
Directory.Read.All
ThreatIndicators.ReadWrite.OwnedBy
Reports.Read.All
MailboxSettings.Read
Mail.ReadWrite

 

In addition, the account needs to have either a Security Reader or Report Reader role.