What am I consenting to when I log in?

Follow

Comments

2 comments

  • Philip Worrell

    Access app data anytime? What does that mean exactly? 

     

    It says allows the app to update your data even when you are not currently using the app. 

     

    Which seems a bit generic and worrying from a security perspective. 

    It is probably nothing to worry about but some clarity would be useful. Thanks Guys

    0
    Comment actions Permalink
  • Niels Gregers Johansen

    Hi Philip,

    The wording "Access your data anytime" is a phrase which Microsoft apply to the dialogue. We can ensure you that anything we process is done in your browser, we have no server side code running at all.

    We have really struggled to get the the level of consent right so if only matches what the application really need access to, currently which licenses you have. That is the "https://graph.microsoft.com/User.Read" permission. 

    We have additional features in the pipeline which will require additional permissions for accessing OneDrive, Mail, Calendar etc. Azure Active Directory v2.0 authentication gives us the ability to implement an incremental consent strategy, read more here

     

     

     

     

    0
    Comment actions Permalink

Please sign in to leave a comment.

Powered by Zendesk