Microsoft 365 Admin account

  • An Microsoft 365 Admin account is required if you have Exchange Rooms.
  • The Microsoft 365 Admin account must grant consent for Condeco to use User.Read and Calendars.ReadWrite.All (see table below).
  • It is a limitation of Exchange that Microsoft 365 Admin account can only grant consent for all calendars, however, the service account can be restricted to only read room calendars.

Permissions required

Clicking Accept to the Microsoft permissions popup during the onboard process will grant the following access to the Condeco Token Provider application using Microsoft Graph:

Permission Required Description Type Reason
EWS.AccessAsUser.All Access mailboxes as the signed-in user via Exchange Web Services Application This permission is required by the service account having impersonation rights to access mailboxes on behalf of a user.
Calendars.ReadWrite.All Read and write calendars in all mailboxes. Application This permission is required to create room subscriptions to get notifications of changes in Exchange mailboxes.
User.Read Sign in and read users profile. Delegated This permission is required to login for AAD user.

Need more help with this?
Condeco Support

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.