Skip to main content

Search

Welcome to Block 64 Support

Required permissions for the M365 global administrator

Joseph Holland
  • Updated

While Global Administrator is necessary to approve Block64's ability to read your M365 Data, all permissions required must be met to achieve full inventory.

Below is a list of required minimum permissions to achieve full inventory of your M365 Data.

Get User

URL:/me

Retrieve the properties and relationships of user object.

Minimum permission needed - Directory.Read.All

Get Users

URL:/users

Retrieve a list of user objects.

Minimum permission needed - Directory.Read.All

Get Groups

URL:/groups

Get the properties and relationships of a group object.

Minimum permission needed - Directory.Read.All

Get Licenses

URL://subscribedSkus

Get a specific commercial subscription that an organization has acquired.

Minimum permission needed - Directory.Read.All

Get Mailboxes

URL:/reports/getMailboxUsageDetail(period='D180')

Get details about mailbox usage.

Minimum permission needed - Reports.Read.All

Get Secure Scores

URL:/security/secureScores

Retrieve the properties and relationships of a secureScore object.

Minimum permission needed - SecurityEvents.Read.All

Get Secure Score Control Profiles

URL:/security/secureScoreControlProfiles

Retrieve the properties and relationships of an securescorecontrolprofile object.

Minimum permission needed - SecurityEvents.Read.All

Get Organization

URL:/organization

Get the properties and relationships of the currently authenticated organization.

Minimum permission needed - Directory.Read.All

Get User Activation Usage

URL:/reports/getOffice365ActivationsUserDetail

Get details about users who have activated Microsoft 365.

Minimum permission needed - Reports.Read.All

Get Teams Usage

URL:/reports/getTeamsUserActivityUserDetail(period='D180')

Get details about Microsoft Teams user activity by user.

Minimum permission needed - Reports.Read.All

Get Sharepoint Usage

url://reports/getSharePointActivityUserDetail(period='D180')

Get details about SharePoint activity by user.

Minimum permission needed - Reports.Read.All

Get OneDrive Usage

URL:/reports/getEmailActivityUserDetail(period='D180')

Get details about OneDrive activity by user.

Minimum permission needed - Reports.Read.All

Get Outlook Usage

URL:/reports/getEmailActivityUserDetail(period='D180')

Get details about email activity users have performed.

Minimum permission needed - Reports.Read.All