Social Squared Microsoft Graph permissions

This is a list of the Microsoft Graph permissions requested by the Social Squared SPFx web part for SharePoint Online.

Following is a list of all of the Microsoft Graph permissions requested by the current version of Social Squared (4.4.0.0). You may decide not to approve any for which you do not need the functionality provided by that permission. Note that many of these permissions are necessary for Social Squared to function correctly within Microsoft Teams.

These are all "Delegated" permissions, which a Global or Application Admin can approve on the API Access page in the SharePoint Admin Center. They will then be listed as API Permissions under the SharePoint Online Client Extensibility Web Application Principal application in Azure AD in your tenant. The reason that Social Squared requests Delegated permissions as opposed to Application permissions is that Social Squared is not a registered Azure application, but rather a SharePoint Framework app. As such, it uses the context of the current user (i.e. delegated permissions) for performing requests.

  • Group.Read.All (new in v4.0.0.0): Replaces Group.ReadWrite.All in previous Social Squared versions. Used to get M365 Group members for presence indicator (see Presence.Read.All), for M365 Group subscriptions, and for Teams chat notifications.
  • Presence.Read.All: Gets user presence after getting the user from the Group.
  • User.ReadBasic.All: Gets basic user profile information and photo for profile cards. 
  • Mail.Send: Send email notifications for subscriptions and moderation.
  • OnlineMeetings.ReadWrite: Create/display Teams meetings. This allows Social Squared to create Teams meetings, using the options displayed below a reply post when in Teams.
  • Calendars.ReadWrite: Read and write calendars in all mailboxes. This allows Social Squared to add a Teams meeting to users' calendars.
  • Chat.Create: Send a 1:1 chat message in Teams.
  • Chat.ReadWrite: Read your Teams chat messages and send new ones.
  • ChannelMember.Read.All: Determine members of the current Teams channel.
  • ChannelMessage.Send (new in v4.0.0.0): Replaces Group.ReadWrite.All (in previous Social Squared versions) to post in a Teams channel.
  • Files.ReadWrite.All: Access to all OneDrive files the current user can access. This is used to save/access global settings (in v3.9.0.0+) and (in v4.0.0.0+) configuration exports.

Published Mar 23, 2023
Updated Apr 30, 2023 for v4.0.0.0 permission changes