Home > App Management > Manage App Profiles for Microsoft Tenants > API Permissions Required by Default AvePoint Apps for Microsoft Tenants > Document Management System Online
Export to PDFDocument Management System Online
Refer to the table below for the apps that you can use for Document Management System Online and the requirements to consent to app permissions.
| Category | App type in AOS | App setup method | Feature/Module | App name in Entra ID | New or updated? | Consent |
|---|---|---|---|---|---|---|
| Service app | DMS Online | Modern mode | All | AvePoint Document Management System Online | No changes | Create or re-authorize an app profile in AOS > Management > App management. |
Permissions Required by Document Management System Online
When you create the DMS Online app profile in AvePoint Online Services, the AvePoint Document Management System Online app will be automatically set up in your Microsoft Entra ID.
The table below lists the permissions that should be accepted when you authorize AvePoint Document Management System Online app.
| API | Permission | Type | Purpose | Is newly required? |
|---|---|---|---|---|
| Microsoft Graph | AppCatalog.ReadWrite.All (Read and write to all app catalogs) | Delegated | Deploy and publish Teams apps. | No |
| Microsoft Graph | Directory.Read.All (Read directory data) | Application | Retrieve Microsoft 365 users. | No |
| Microsoft Graph | Group.ReadWrite.All (Read and write all groups) | Application | Retrieve and add Microsoft 365 groups and group members. | No |
| Microsoft Graph | Sites.FullControl.All (Have full control of all site collections) | Application | Retrieve settings and permissions of SharePoint Online site collections. | No |
| Microsoft Graph | TeamMember.ReadWrite.All (Add and remove members from all teams) | Application | Retrieve and manage Team members. | No |
| Microsoft Graph | ChannelMember.ReadWrite.All (Add and remove members from all channels) | Application | Retrieve and manage private channel members. | No |
| Microsoft Graph | TeamMember.ReadWrite.All (Add and remove members from all teams) | Delegated | Retrieve and manage Team members. | No |
| Microsoft Graph | ChannelMember.ReadWrite.All (Add and remove members from all channels) | Delegated | Retrieve and manage private channel members. | No |
| Microsoft Graph | Sites.FullControl.All (Have full control of all site collections) | Delegated | Retrieve settings and permissions of SharePoint Online site collections. | No |
| Microsoft Graph | Directory.Read.All (Read directory data) | Delegated | Retrieve Microsoft 365 users. | No |
| Microsoft Graph | Sites.Read.All (Read items in all site collections) | Delegated | Retrieve site and library objects. | No |
| Microsoft Graph | Files.ReadWrite.All (Have full access to all files the user can access) | Delegated | Retrieve files that the user can access. | No |
| Microsoft Graph | Mail.ReadWrite (Read and write access to user mail) | Delegated | Retrieve user mail and email attachments. | No |
| Microsoft Graph | User.Read (Sign in and read user profile) | Delegated | Sign in and read the user profile. | No |
| SharePoint | Sites.FullControl.All (Have full control of all site collections) | Application | Retrieve settings and permissions of SharePoint Online site collections. | No |
| SharePoint | TermStore.ReadWrite.All (Read and write managed metadata) | Application | Retrieve and create managed metadata service. | No |
| SharePoint | AllSites.FullControl (Have full control of all site collections) | Delegated | Retrieve settings and permissions of SharePoint Online site collections. | No |
| SharePoint | TermStore.ReadWrite.All (Read and write managed metadata) | Delegated | Retrieve and create managed metadata service. | No |
| SharePoint | Sites.Search.All (Run search queries as a user) | Delegated | Filter site collections that the user can access and allow the user to search objects in the site collections. | No |
| SharePoint | User.Read.All (Read user profiles) | Delegated | Retrieve user profiles. | No |
On this page