Permissions for OAuth
|
Protocol |
Grant type | Minimum set of Azure Active Directory API permissions required |
|---|---|---|
|
MS Graph |
Resource Owner Password Credentials |
User.Read (delegated) Mail.ReadWrite (delegated) Mail.ReadWrite.Shared (delegated) |
| Authorization Code |
User.Read (delegated) openid (delegated) profile (delegated) offline_access (delegated) Mail.ReadWrite (delegated) Mail.ReadWrite.Shared (delegated) |
|
| Client Credentials |
User.Read (delegated) Directory.Read.All (application) Mail.ReadWrite (application) |
|
| IMAP | Resource Owner Password Credentials | Not applicable |
| Authorization Code |
User.Read (delegated) openid (delegated) profile (delegated) offline_access (delegated) Mail.ReadWrite (delegated) Mail.ReadWrite.Shared (delegated) IMAP.AccessAsUser.All (delegated) |
|
| Client Credentials | Not supported by Microsoft Azure Active Directory. | |
| POP3 | Resource Owner Password Credentials | Not applicable |
| Authorization Code |
User.Read (delegated) openid (delegated) profile (delegated) offline_access (delegated) Mail.ReadWrite (delegated) Mail.ReadWrite.Shared (delegated) POP.AccessAsUser.All (delegated) |
|
| Client Credentials | Not supported by Microsoft Azure Active Directory. | |
| SMTP Outbound | Resource Owner Password Credentials | Not applicable |
| Authorization Code |
https://outlook.office.com/SMTP.Send (delegated) SMTP.Send (delegated) offline_access (delegated) openid (delegated) profile (delegated) |
|
| Client Credentials | Not supported by Microsoft Azure Active Directory. |