Skip to main content
All CollectionsGetting StartedMicrosoft/Microsoft Teams Resources
Microsoft Permissions
Microsoft Permissions
Derek Weaver avatar
Written by Derek Weaver
Updated over 3 months ago

You can sign-up and continue to login to Strety in two ways:

  1. Microsoft SSO (recommended)

  2. Username & Password

If you're a Microsoft-using org, we recommend the SSO route so you can easily take advantage of our other MS-related integrations incl. our Teams app, Entra/Active Directory connection, and our integrations with MS Planner and MS To Do.

Two of our integrations require global admin consent so the entire org can use them. Note that each will require a global admin to consent separately:

  1. Entra/Active Directory - Will allow you to invite users in bulk directly from Entra/ctive Directory

  2. MS Planner

Fortunately, if you invite a global admin to Strety (as as Admin), they can take care of this in a few clicks!

  1. To consent for Entra: Navigate to Adminland --> People --> Invite People --> Invite by Microsoft --> Click "Add Microsoft" and follow the prompts

  2. To consent Microsoft Planner or To-Do on behalf of your Organization: navigate to your Integrations page (beneath your avatar, top-right) and follow the Consent for your organization prompts for each integration:

If you prefer to consent without adding a global admin to Strety you can consent directly on the Microsoft side of things. To grant tenant wide administrative access from Microsoft, go to:

  1. https://entra.microsoft.com/

  2. Applications --> Enterprise Applications --> Strety --> Permissions

  3. Click Grant Admin Consent for Strety

For more on granting global admin consent, here's an article from Microsoft

Permissions Explained - Details

When you Login or Signup with microsoft we ask the following personal permissions:

  • offline_access - Rule - Used so that we can keep an authenticated session on our end on behalf of the user and allows us to refresh our authentication when it expires using a refresh token

  • openid - Rule - Allows us to authenticate on behalf of the user and see basic user profile information (like name)

  • email - Rule - Allows us to read the user's primary email address

  • profile - Rule - Allows us to read the user's basic profile (name, picture, user name, email address, etc)

  • User.Read - Rule - Allows us to read based user profile information as well as read basic company information

Entra Permissions

When you onboard the ability to invite users from Entra within Strety we ask the following additional permissions (in addition to the basic logic permissions):

  • Directory.Read.All - Rule - requires admin consent - Allows us to read data in the organization's directory such as users, groups, and apps.

MS To Do & MS Planner Permissions

When you onboard the Microsoft To-Do or Microsoft Planner within Strety we ask the following additional permissions (in addition to the basic logic permissions):

  • Tasks.ReadWrite - Rule - Allows us to create, read, update, and delete tasks and task lists. Including any shared with the user.

  • Tasks.ReadWrite.Shared - Rule - Allows us to create, read, update, and delete tasks a user has permissions to, including their own and shared tasks.

FAQs

We have acquired another business and we'd like their M365 accounts to be able to access our Strety - will that be possible?

We currently do not limit or restrict domains, so you can invite people from other M365 tenants to your Strety instance where they will have the ability to login via Microsoft SSO and access Strety via Microsoft Teams App

Our Entra & MS Planner integrations are scoped at the tenant level. If you merge M365 tenants, your new users should appear within your Entra integration and will receive consent to use Planner (if already granted by an Admin).

If the tenants remain separate, you will need to invite the users via email

Did this answer your question?