LogoLogo
  • Introducing dope.swg
    • Changing the Rules...
    • Quick Start Guide
      • Create a dope.swg Account
      • Get Started with the dope.endpoint
      • Import User and Group Data
      • Create a dope.swg Web Policy
    • Mitre ATT&CK and Nist CSF
  • dope.console
    • Analytics
      • Overview dashboard
      • Policy View
      • Productivity
      • Shadow IT
      • Detail View
    • dope.swg Policy
      • Editing the Base Policy
      • Adding Policy Exceptions
      • Assigning a Block Page
      • Creating Custom Categories
      • URL Bypass List
      • Application Bypass List
      • Default Bypass List
      • Cloud Application Control (CAC)
        • Microsoft O365
        • Google
        • Box
        • Salesforce
        • Dropbox
        • Slack
        • WebEx
      • Custom Policy
      • Policy Assignment
      • Policy Inheritance and Customization
    • CASB Neural
      • Microsoft 365 - Authentication
      • Google - Authentication
      • CASB DLP
        • DLP Files Table
    • Endpoint Manager View
      • Searching the View
      • Filtering and Sorting the Endpoint View
      • Endpoint Count
      • Running Diagnostics
      • Disable Endpoint
    • Settings
      • General
      • Block Pages
      • Endpoints
      • Users
        • Importing from Google
        • Why not SAML & SCIM?
      • Audit Log
      • SIEM Integration
        • Category & Verdict Mappings
      • API Client Credentials
      • Billing Details
    • Notifications
      • SSL Errors
  • dope.endpoint
    • Trusted Process Names
    • Generate Diagnostics
    • Disable Endpoint
    • Installing using MDM on Mac
      • Using JAMF
      • Using Kandji
      • Using Intune
    • Installing using Intune on Win
    • Mac Installer
      • Installation Process - Silent
      • Uninstall
      • Endpoint Authentication
    • Windows Installer
      • Installation Process - Silent
      • Uninstall
      • Endpoint Authentication
    • dope.endpoint UI
      • Windows UI
      • macOS UI
    • Automatic Updates
  • Release Notes
  • DOPE.APIs
    • Public API Specification
Powered by GitBook
On this page
  • UX = dope.security. That’s why it only takes seconds to get your CASB scan of Microsoft 365 started.
  • Authentication
  1. dope.console
  2. CASB Neural

Microsoft 365 - Authentication

PreviousCASB NeuralNextGoogle - Authentication

Last updated 1 year ago

UX = dope.security. That’s why it only takes seconds to get your CASB scan of Microsoft 365 started.

Authentication

From the CASB tab in dope.console, select Microsoft 365 from the left-hand panel.

The authentication URL can either be self-enrolled, or sent to your 365 tenant admin to grant the required permissions to dope.security. For them, it's a one-click authorization.

At the authentication URL, the Admin will be asked to grant dope.security with a set of permissions to allow CASB Neural to scan their Microsoft 365 tenant.

Once permissions are granted then, your done! It really is that simple, dope.security will now scan your tenant, uncover any publicly shared files with sensitive data, and classify them!

SSPM Coming Soon: Uncover all third-party apps connected to your Microsoft 365 or Google SaaS tenant, neatly organized by access type: global, limited, or login access.

Scopes
Purpose

ActivityFeed.Read

Allows us to read company activity data

AuditLog.Read.All

Allows us to query logs for third-party integrations

Application.Read.All

Allows us to read third-party integrations

Directory.Read.Write.All

Allows us to read/write data for the company directory, such as users, groups and apps

Files.ReadWrite.All

Allows us to read/write files in all site collections

Policy.Read.All

Allows us to read company policies. Used to inspect Security + Conditional Access.

Policy.ReadWrite.ConditionalAccess

Allows us to read/write conditional policies

Sites.FullControl.All

Allows us to control site collections

User.Read

Allows us to read profile and basic company information

User.ReadWrite.All

Allows us to read/write details about users

Microsoft Authentication Link
Example of the authorization screen an admin will click through