App Permission List
Required permissions
To work properly, the app needs access to SharePoint content in the context of the current user. Therefore, it will request the following permissions during the consent process:
Permission | Type | Description | Why do we need this? | Admin consent required |
|---|---|---|---|---|
Microsoft Graph | ||||
| Delegated | Allows users to sign-in to the app and allows to read the profile of signed-in users. It also allows to read basic company information of signed-in users. | Used exclusively for login purposes to login the user to Microsoft services. | No |
| Delegated | Allows to edit or delete documents and list items in all site collections on behalf of the signed-in user. | Used for querying SharePoint sites, files and lists, as well as allowing operations like uploading files to SharePoint document libraries from Confluence. | No |
| Delegated | Allows the app to read a basic set of profile properties of other users in your organization on behalf of the signed-in user. This includes display name, first and last name, email address and photo. | When embedding SharePoint lists containing person or group columns, this scope is used to display the profile picture of the user(s) contained in the field. | No |
| Delegated | Read the names and descriptions of teams, on behalf of the signed-in user. | When embedding SharePoint lists containing person or group columns, this scope is used to display the profile picture of the group(s) contained in the field. | No |
| Delegated | Allows the app to read presence information of all users in the directory on behalf of the signed-in user. Presence information includes activity, availability, status note, calendar out-of-office message, timezone and location. | When embedding SharePoint lists containing person or group columns, this scope is used to display presence information about the user(s) contained in the field. | No |
Please also have a look at the official permission reference from Microsoft to get detailed information about the permission handling.
When you grant consent, it applies only to operations performed on behalf of the currently logged-in user—not the app itself. All permissions are delegated, meaning users can only perform actions they are already authorized to perform in SharePoint. The same permission model as in SharePoint applies.
Additionally, no data is stored or processed offline by the app under any circumstances.