Office 365 Securlet Permissions
search cancel

Office 365 Securlet Permissions


Article ID: 225531


Updated On:


CASB Securlet SAAS CASB Security Advanced CASB Security Premium CASB Security Standard


CloudSOC customers would like to remove Global Administrator permissions from the Microsoft 365 account used to activate the Office 365 Securlet but aren't sure if removing the permissions will impact the integration.


Release: 3.159

Component: Office 365 Securlet


Once the CloudSOC System Administrator has successfully activated the Office 365 Securlet, they can notify their Microsoft 365 Administrator that Global Administrator permissions are no longer required to be active on the user account that was used for the Securlet activation.

The integration between CloudSOC and Microsoft 365 requires Global Administrator permissions only for the initial activation and can be removed after activation. The OAUTH2 token retains the necessary permissions for the life of the integration to perform actions on behalf of the organization.

Note: Post activation, CloudSOC uses an OAUTH2 token with app-based permissions to maintain the relationship with Microsoft's Management APIs.