Outlook on the Web v6 Graph API permissions

Introduction

Zivver for Outlook on the Web add-in interacts with user and shared mailboxes to secure emails when content matters. The Zivver Outlook on the Web add-in uses the following Microsoft Graph API permissions.

Microsoft Graph API permissions

PermissionPermission TypeFunctionalityRequired or Optional
Files.ReadWriteDelegatedTo allow attachments in secure emailsRequired
Files.ReadWrite.AllDelegatedTo allow attachments in secure emailsRequired
Group.Read.AllDelegatedTo identify email addresses of Distribution Groups if secure emailing to DGs is allowedOptional
Mail.ReadWriteDelegatedTo scan emails from user mailboxes for sensitive information and add headers to secure emailsRequired
Mail.ReadWrite.SharedDelegatedTo scan emails from shared mailboxes for sensitive information and add headers to secure emailsRequired
MailboxSettings.ReadWriteDelegatedTo read all settings of the user’s mailbox as well as to update them if requiredRequired
User.ReadWriteDelegatedTo access the user profile in general for display name, preferred languages and moreRequired
openidDelegatedAlways required by Office add-ins (1)Required
profileDelegatedAlways required by Office add-ins (1)Required
offline_accessDelegatedTo access MSAL.NET for authentication (1)Required

(1) Associate Office Add-ins with a Microsoft Entra application