Microsoft 365 - Authentication
Last updated
Last updated
From the CASB tab in dope.console, select Microsoft 365 from the left-hand panel.
The authentication URL can either be self-enrolled, or sent to your 365 tenant admin to grant the required permissions to dope.security. For them, it's a one-click authorization.
At the authentication URL, the Admin will be asked to grant dope.security with a set of permissions to allow CASB Neural to scan their Microsoft 365 tenant.
Once permissions are granted then, your done! It really is that simple, dope.security will now scan your tenant, uncover any publicly shared files with sensitive data, and classify them!
SSPM Coming Soon: Uncover all third-party apps connected to your Microsoft 365 or Google SaaS tenant, neatly organized by access type: global, limited, or login access.
ActivityFeed.Read
Allows us to read company activity data
AuditLog.Read.All
Allows us to query logs for third-party integrations
Application.Read.All
Allows us to read third-party integrations
Directory.Read.Write.All
Allows us to read/write data for the company directory, such as users, groups and apps
Files.ReadWrite.All
Allows us to read/write files in all site collections
Policy.Read.All
Allows us to read company policies. Used to inspect Security + Conditional Access.
Policy.ReadWrite.ConditionalAccess
Allows us to read/write conditional policies
Sites.FullControl.All
Allows us to control site collections
User.Read
Allows us to read profile and basic company information
User.ReadWrite.All
Allows us to read/write details about users
