Permissions for Azure Active Directory application

For using MS Graph as an import source, create an application in Azure Active Directory and assign the following permissions.

API name Permission name Type
Microsoft Graph User.Read Delegated
Mail.Read Delegated
Mail.Read Application
Mail.Read.Shared Delegated
Mail.ReadWrite Application
Mail.ReadWrite Delegated
Mail.ReadWrite.Shared Delegated

Apart for assigning the above permissions, do the following:

  1. Login to

    Note Ensure that you have necessary permissions to change the application settings.
  2. Click the View button for Manage Azure Active Directory.

  3. From the Manage menu, click App registrations.

  4. In the right pane, select the application you have created in Azure Active Directory.

  5. From the Manage menu, click Authentication.

  6. Under Advanced settings in the right pane, set the value of Default client type to Yes.

  7. Click Save.

  8. Restart Kofax Message Connector Service.

    This will also set allowPublicClient parameter to true.