| User.EnableDisableAccount.All |
3011c876-62b7-4ada-afa2-506cbbecc68c |
Enable and disable user accounts |
Allows the app to enable and disable users’ accounts, without a signed-in user. |
| User.Export.All |
405a51b5-8d8d-430b-9842-8be4b0e9f324 |
Export user’s data |
Allows the app to export data (e.g. customer content or system-generated logs), associated with any user in your company, when the app is used by a privileged user (e.g. a Company Administrator). |
| User.Invite.All |
09850681-111b-4a89-9bed-3f2cae46d706 |
Invite guest users to the organization |
Allows the app to invite guest users to the organization, without a signed-in user. |
| User.ManageIdentities.All |
c529cfca-c91b-489c-af2b-d92990b66ce6 |
Manage all users’ identities |
Allows the app to read, update and delete identities that are associated with a user’s account, without a signed in user. This controls the identities users can sign-in with. |
| User.Read.All |
df021288-bdef-4463-88db-98f22de89214 |
Read all users’ full profiles |
Allows the app to read user profiles without a signed in user. |
| User.ReadBasic.All |
97235f07-e226-4f63-ace3-39588e11d3a1 |
Read all users’ basic profiles |
Allows the app to read a basic set of profile properties of other users in your organization without a signed-in user. Includes display name, first and last name, email address, open extensions, and photo. |
| User.ReadWrite.All |
741f803b-c850-494e-b5df-cde7c675a1ca |
Read and write all users’ full profiles |
Allows the app to read and update user profiles without a signed in user. |