About the data we save
As nearly every other Teams App, we also need to save some data so that our App can give you the best experience possible.
Currently we are only saving…
- Teams Activity Reports (Only
ReportRefreshDate,LastActivityDateandTeamId)
About App Permissions
As you may have noticed, you also need to grant some permissions when using the app for the first time on your tenant.
Some Permissions are Delegated Permissions meaning that we do something on behalf of a User and others are Application Permissions which means we are accessing and modifying data as the Application. Application Permissions can only be granted by a Tenant Admin. Our App mainly uses Application Permissions because it enables us to read all the data even if a user would have insufficient privileges, so every user that has access can use our App with all the data.
The following list will explain what Permissions we use, why we need them, and/or what we need them for.
Delegated (User) Permissions
User.Read- Authenticate and Identify the current User using the App
ChatMessage.Send&Chat.Create- Is used to send out Messages from you to another user
- In the App this is used to send Requests for review to Team Owners, for example to review the guests of a Team
Application Permissions
User.Read.All- Read all Users - Mainly used for people pickers like the one in the Settings to add Users to the App
Team.ReadBasic.All- Get all Teams on the Tenant for everything check/issue/analysis related
TeamMember.ReadWrite.All- Read all Members to check for issues
- Change Members, for example when pro/demoting an owner or removing certain members via the App
Files.Read.All- Find the drive of a Team and get the storage quota for it
Reports.Read.All- To get the Teams Activity Report to check for issues
ReportSettings.ReadWrite.All- !! THIS IS ONLY USED THROUGH USER INTERACTION SINCE IT DISABLES CONCEALING REPORTS !!
- If the Conceal Reports Feature is on, our app can’t function correctly since we can’t map activity data to the corresponding Team. If it’s turned on in your Tenant, the App will ask you to turn it off and give you the option to do so via the App so you don’t have to leave Teams This is the only time the Permission is used. The App will at no time change this setting on its own!
TeamSettings.ReadWrite.All- This is used to Archive the Team