LiveTiles Bots integrates with the Microsoft Graph API out-of-the-box. This provides immediate access to the suite of O365 abilities.
To allow for this, the following list of permission scopes is requested as part of the app registration in a customer tenant. This only happens the first time when authenticating into LiveTiles Bots, and needs to be done by a tenant administrator who can consent on-behalf of the other users in the tenant.
Note: The scopes provided in this way allows authenticated users in the customer tenant to leverage these via the app. This does NOT provide anyone to leverage these scopes on behalf of a user. More information around consent is available from Microsoft here.
- Calendars.ReadWrite - Allows the app to create, read, update and delete events in user calendars. This is used by the Meetings ability in order to read events from, and create events in the user's calendar.
- Calendars.ReadWrite.Shared - Allows the app to create, read, update and delete events in all calendars the user has permissions to access. This includes delegate and shared calendars. This is used by the Meetings ability in order to read events from, and create events in a shared calendar that the user may have access to.
- Contacts.Read - Allows the app to read user contacts. Contacts ability.
- Contacts.Read.Shared - Allows the app to read contacts that the user has permission to, including the user's own and shared contacts. This is used by the Contacts ability in order to read contact information from the user's contact list.
- Files.Read.All - Allows the app to read all files the signed-in user can access. This is used by the Documents, OneDrive & Excel abilities in order to read files that the user has access to.
- Files.ReadWrite.AppFolder - (Preview) Allows the app to read, create, update, and delete files in the application's folder. This is used by the Documents and OneDrive abilities in order to read files from a folder that a user has access to.
- MailboxSettings.Read - Allows the app to read user's mailbox settings. Does not include permission to directly send mail, but allows the app to create rules that can forward or redirect messages. This is used for the Email ability (in development), in order to forward or redirect messages from the user's email.
- People.Read - Allows the app to read a scored list of people relevant to the signed-in user. The list can include local contacts, contacts from social networking or your organization's directory, and people from recent communications (such as email and Skype). Contacts ability.
- User.ReadBasic.All - Allows the app to read a basic set of profile properties of other users in your organization on behalf of the signed-in user. This includes display name, first and last name, email address and photo. It also allows the app to read the signed-in user's full profile. Accessing profile information for, among others, the welcome message as well as the Contact Profile ability.
- User.Read - Allows the app to read the signed-in user's full profile. Accessing profile information for, among others, the welcome message.