Skip to main content
Microsoft Permissions
Derek Weaver avatar
Written by Derek Weaver
Updated over a week ago

You can sign-up and continue to login to Strety in two ways:

  1. Microsoft SSO (recommended)

  2. Username & Password

If you're a Microsoft-using org, we recommend the SSO route so you can easily take advantage of our other MS-related integrations incl. our Teams app, Entra/Active Directory connection, and our integrations with MS Planner and MS To Do.

Two of our integrations require global admin consent so the entire org can use them. Note that each will require a global admin to consent separately:

  1. Entra/Active Directory - Will allow you to invite users in bulk directly from Entra/ctive Directory

  2. MS Planner

Fortunately, if you invite a global admin to Strety (as as Admin), they can take care of this in a few clicks!

  1. To consent for Entra: Navigate to Adminland --> People --> Invite People --> Invite by Microsoft --> Click "Add Microsoft" and follow the prompts

  2. To consent for Planner: navigate to your Integrations page (beneath your avatar, top-right) and follow the Consent for your organization prompts for each integration:

If you prefer to consent without adding a global admin to Strety you can consent directly on the Microsoft side of things. To grant tenant wide administrative access from Microsoft, go to:

  1. Applications --> Enterprise Applications --> Strety --> Permissions

  2. Click Grant Admin Consent for Strety

For more on granting global admin consent, here's an article from Microsoft

Permissions Explained - Details

When you Login or Signup with microsoft we ask the following personal permissions:

  • offline_access - Rule - Used so that we can keep an authenticated session on our end on behalf of the user and allows us to refresh our authentication when it expires using a refresh token

  • openid - Rule - Allows us to authenticate on behalf of the user and see basic user profile information (like name)

  • email - Rule - Allows us to read the user's primary email address

  • profile - Rule - Allows us to read the user's basic profile (name, picture, user name, email address, etc)

  • User.Read - Rule - Allows us to read based user profile information as well as read basic company information

MS Planner Permissions

When you onboard Planner within Strety we ask the following additional permissions (in addition to the basic logic permissions):

  • Group.ReadWrite.All - Rule - requires admin consent - Allows us to create/read/delete groups, their properties and memberships. Also allows us to read and write conversations.

Entra Permissions

When you onboard the ability to invite users from Entra within Strety we ask the following additional permissions (in addition to the basic logic permissions):

  • Directory.Read.All - Rule - requires admin consent - Allows us to read data in the organization's directory such as users, groups, and apps.

MS To Do Permissions

When you onboard the Microsoft To-Do within Strety we ask the following additional permissions (in addition to the basic logic permissions):

  • Tasks.ReadWrite - Rule - Allows us to create, read, update, and delete tasks and task lists. Including any shared with the user.

  • Tasks.ReadWrite.Shared - Rule - Allows us to create, read, update, and delete tasks a user has permissions to, including their own and shared tasks.

Did this answer your question?