The Following describes the Microsoft Graph API access levels when Cisco Secure Email Threat Defense is deployed with Microsoft 365 integration:

Mail.Read - Access level Read Only

Permision: Read mail in all mailboxes

Purpose:

• Super-admin and admin to view and download email.
• Super-admin and admin to view email read status.

Mail.ReadWrite - Access level Read/Write

Permission: Read and write mail in all mailboxes

Purpose:

• Super-admin and admin to view and download email.
• Super-admin and admin to view email read status.
• Super-admin, admin and analyst to remediate emails on demand.
• For automated Remediation.

Organization.Read.All - Access level both

Permission: Read organization information

Purpose:

• Acquiring the list of domains to protect email traffic.

User.Read.All - Access Level Read

Permission: Read the full set of profile properties, reports, and manager of other users in your organization

Purpose:

• Getting organizational hierarchy and selected user properties for impersonation detections.