Microsoft Graph API permissions

The following describes the Microsoft Graph API access levels when Cisco Secure Email Threat Defense is deployed with Microsoft 365 integration:

Mail.Read - Access level Read Only

Permission: Read mail in all mailboxes

Purpose:

  • Super-admin and admin to view and download email.
  • Super-admin and admin to view email read status.

Mail.ReadWrite - Access level Read/Write

Permission: Read and write mail in all mailboxes

Purpose:

  • Super-admin and admin to view and download email.
  • Super-admin and admin to view email read status.
  • Super-admin, admin and analyst to remediate emails on demand.
  • For automated remediation.

Organization.Read.All - Access level both

Permission: Read organization information

Purpose:

  • Acquiring the list of domains to protect email traffic.

User.Read.All - Access level Read

Permission: Read the full set of profile properties, reports, and manager of other users in your organization

Purpose:

  • Getting organizational hierarchy and selected user properties for impersonation detections.
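To check a tenant against this list, the following added example (not Cisco or Microsoft code) compares the application permissions actually granted to the integration with the four named above, and flags Mail.ReadWrite on a Read Only deployment. It takes the appRoleAssignments of the app's service principal and the appRoles list of the Microsoft Graph service principal as input. The mode labels, the sample IDs, and the treatment of only the mail permission plus Organization.Read.All as required are assumptions.

```python
# Permission names come from the list above; all IDs below are constructed.
ALLOWED = {"Mail.Read", "Mail.ReadWrite", "Organization.Read.All", "User.Read.All"}
MAIL_FOR_MODE = {"read_only": "Mail.Read", "read_write": "Mail.ReadWrite"}


def audit_grants(assignments, graph_app_roles, mode):
    """Compare granted Graph application permissions with the documented set.

    assignments: items from the app's servicePrincipal appRoleAssignments
    graph_app_roles: the appRoles list of the Microsoft Graph service principal
    mode: "read_only" or "read_write" (hypothetical labels for the access levels)
    """
    names = {role["id"]: role["value"] for role in graph_app_roles}
    granted, unresolved = set(), []
    for item in assignments:
        name = names.get(item["appRoleId"])
        if name is None:
            unresolved.append(item["appRoleId"])  # role ID not found in appRoles
        else:
            granted.add(name)
    # Assumption: the mode's mail permission and Organization.Read.All are required.
    required = {MAIL_FOR_MODE[mode], "Organization.Read.All"}
    return {
        "unexpected": sorted(granted - ALLOWED),  # granted but not in the list above
        "write_in_read_only": mode == "read_only" and "Mail.ReadWrite" in granted,
        "missing": sorted(required - granted),
        "unresolved_ids": unresolved,
    }


def sample_id(n):
    return f"00000000-0000-0000-0000-{n:012d}"  # constructed placeholder GUID


# Constructed sample data shaped like Graph responses; these are not real role IDs.
SAMPLE_APP_ROLES = [
    {"id": sample_id(1), "value": "Mail.Read"},
    {"id": sample_id(2), "value": "Mail.ReadWrite"},
    {"id": sample_id(3), "value": "Organization.Read.All"},
    {"id": sample_id(4), "value": "User.Read.All"},
    {"id": sample_id(5), "value": "Mail.Send"},
]
SAMPLE_ASSIGNMENTS = [{"appRoleId": sample_id(n)} for n in (1, 2, 3, 4, 5)]

if __name__ == "__main__":
    print(audit_grants(SAMPLE_ASSIGNMENTS, SAMPLE_APP_ROLES, "read_only"))
```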