Devices capable of running Microsoft Teams.
Latest version of Microsoft Teams.
Stable internet connection.
For optimal network security and performance, ensure that the following domain names are accessible from your network:
Integration with Entra ID, Formerly Azure Active Directory (AAD) for user authentication.
Must be able to sign-in interactively.
| Permission | Type | Description | Admin Consent Required |
|---|---|---|---|
| openid | Delegated | Allows nBold to sign-in a user. | No |
| offline_access | Delegated | Allows nBold to retrieve a refresh token for the current user. | No |
| Delegated | Allows nBold to read the email address of the current user. | No | |
| profile | Delegated | Allows nBold to read the basic profile (name, picture, user name) of the current user. | No |
| Permission | Type | Description | Admin Consent Required |
|---|---|---|---|
| openid | Delegated | Allows nBold to sign-in a user. | No |
| offline_access | Delegated | Allows nBold to retrieve a refresh token for the current user. | No |
| Delegated | Allows nBold to read the email address of the current user. | No | |
| profile | Delegated | Allows nBold to read the basic profile (name, picture, user name) of the current user. | No |
| User.ReadBasic.All | Delegated | Allows nBold to retrieve the list of users from the directory. | No |
| Team.ReadBasic.All | Delegated | Allows nBold to retrieve the list of teams a user is a member of. | No |
| Channel.ReadBasic.All | Delegated | Allows nBold to retrieve the list of channels from the teams a user is a member of. | No |
| Mail.Send | Delegated | Allows the service account to send approval emails. | No |
| User.Read.All | Delegated | Allows the service account to search for users in the directory. | Yes |
| Directory.AccessAsUser.All | Delegated | Allows the app to have the same access to directory information as the signed-in user. | Yes |
| Group.ReadWrite.All | Delegated | Allows the service account to perform administrative operations on teams/groups. | Yes |
| Team.Create | Delegated | Allows the service account to create new teams. | Yes |
| TeamSettings.ReadWrite.All | Delegated | Allows the service account to retrieve and update teams settings. | Yes |
| TeamsAppInstallation.ReadWriteForTeam | Delegated | Allows the service account to install apps in a team. | Yes |
| TeamMember.ReadWrite.All | Delegated | Allows the service account to manage members of teams. | Yes |
| TeamsTab.ReadWrite.All | Delegated | Allows the service account to create and manage tabs. | Yes |
| Channel.Create | Delegated | Allows the service account to create and manage channels. | Yes |
| ChannelSettings.ReadWrite.All | Delegated | Allows the service account to manage channel settings. | Yes |
| ChannelMember.ReadWrite.All | Delegated | Allows the service account to manage channel members. | Yes |
| ChannelMessage.Read.All | Delegated | Read teams channels messages as part of the provisioning process. | Yes |
| ChannelMessage.ReadWrite | Delegated | Update an existing message. | Yes |
| ChannelMessage.Send | Delegated | Create a new team channel message. | Yes |
| Sites.FullControl.All | Delegated | Used to perform administrative operations on SharePoint sites. | Yes |
| Notes.ReadWrite.All | Delegated | Allows the service account to copy OneNote notebooks. | No |
| Reports.Read.All | Delegated | Used to gather statistics about teams, channels, and users. | Yes |
| ReportSettings.Read.All | Delegated | Used to determine if the Microsoft 365 reports are using anonymized IDs. | Yes |
| InformationProtectionPolicy.Read | Delegated | Allows the service account to retrieve and apply sensitivity labels. | No |
| Notifications.ReadWrite.CreatedByApp | Delegated | Used to send and manage native Microsoft Teams notifications. | No |
| People.Read | Delegated | Generate a ranked list of relevant people for the signed-in user. | No |