While Global Administrator is necessary to approve Block64's ability to read your M365 Data, all permissions required must be met to achieve full inventory.
Below is a list of required minimum permissions to achieve full inventory of your M365 Data.
Get User
URL:/me
Retrieve the properties and relationships of user object.
Minimum permission needed - Directory.Read.All
Get Users
URL:/users
Retrieve a list of user objects.
Minimum permission needed - Directory.Read.All
Get Groups
URL:/groups
Get the properties and relationships of a group object.
Minimum permission needed - Directory.Read.All
Get Licenses
URL://subscribedSkus
Get a specific commercial subscription that an organization has acquired.
Minimum permission needed - Directory.Read.All
Get Mailboxes
URL:/reports/getMailboxUsageDetail(period='D180')
Get details about mailbox usage.
Minimum permission needed - Reports.Read.All
Get Secure Scores
URL:/security/secureScores
Retrieve the properties and relationships of a secureScore object.
Minimum permission needed - SecurityEvents.Read.All
Get Secure Score Control Profiles
URL:/security/secureScoreControlProfiles
Retrieve the properties and relationships of an securescorecontrolprofile object.
Minimum permission needed - SecurityEvents.Read.All
Get Organization
URL:/organization
Get the properties and relationships of the currently authenticated organization.
Minimum permission needed - Directory.Read.All
Get User Activation Usage
URL:/reports/getOffice365ActivationsUserDetail
Get details about users who have activated Microsoft 365.
Minimum permission needed - Reports.Read.All
Get Teams Usage
URL:/reports/getTeamsUserActivityUserDetail(period='D180')
Get details about Microsoft Teams user activity by user.
Minimum permission needed - Reports.Read.All
Get Sharepoint Usage
url://reports/getSharePointActivityUserDetail(period='D180')
Get details about SharePoint activity by user.
Minimum permission needed - Reports.Read.All
Get OneDrive Usage
URL:/reports/getEmailActivityUserDetail(period='D180')
Get details about OneDrive activity by user.
Minimum permission needed - Reports.Read.All
Get Outlook Usage
URL:/reports/getEmailActivityUserDetail(period='D180')
Get details about email activity users have performed.
Minimum permission needed - Reports.Read.All