Home > App Management > Manage App Profiles for Microsoft Tenants > API Permissions Required by Default AvePoint Apps for Microsoft Tenants > Opus
Export to PDFOpus
Refer to the table below for the apps that you can use for Opus and the requirements to consent to app permissions.
| Category | App type in AOS | App setup method | Feature/Module | App name in Entra ID | New or updated? | Consent |
|---|---|---|---|---|---|---|
| Service app | Opus | Modern mode | All objects management | AvePoint Opus | No changes | Create or re-authorize an app profile in AOS > Management > App management. |
| Classic app | Microsoft 365 (All Permissions) | Classic mode | SharePoint Online OneDrive Microsoft Teams Microsoft 365 Group | AvePoint Online Services Administration for Microsoft365 | No changes | App management > Classic mode > Consented for all services. |
| Classic app | Microsoft 365 (SharePoint Permissions) | / | SharePoint object management | AvePoint Online Services Administration for SharePoint | No changes | Unsupported to create new. |
| Classic app | Microsoft 365 (Exchange Permissions) | / | Exchange Online Management | AvePoint Online Services Administration for Exchange | No changes | Unsupported to create new. |
| Classic app | Reporting for Microsoft 365 | Modern mode | Collect Microsoft 365 data | AvePoint Reporting for Microsoft365 | No changes | App management > Modern mode > Consented for all services |
Permissions Required by Opus
When you create an app profile for Opus in AvePoint Online Services, the AvePoint Opus app will be automatically set up in your Microsoft Entra ID.
The table below lists the permissions that should be accepted when you authorize AvePoint Opus app.
| API | Permission | Type | Purpose | Is newly required? |
|---|---|---|---|---|
| Microsoft Graph | Group.ReadWrite.All (Read and write all groups) | Application | Retrieve and update group information. | No |
| Microsoft Graph | Directory.Read.All (Read directory data) | Application | Retrieve your organization’s Microsoft Entra data. | No |
| Microsoft Graph | User.Read.All (Read all users’ full profiles) | Application | Retrieve information of user profiles. | No |
| Microsoft Graph | Reports.Read.All (Read all usage reports) | Application | Retrieve file size of your Microsoft 365 tenant. This permission will be required if you want to use the Discovery and Analysis functionality. | No |
| Microsoft Graph | TeamsSettings.ReadWrite.All (Read and change all teams' settings) | Application | Read and change all teams' settings. | No |
| Microsoft Graph | TeamsTab.ReadWrite.All (Read and write tabs in Microsoft Teams) | Application | Read and write tabs in Microsoft Teams. | No |
| Microsoft Graph | Sites.ReadWrite.All (Read and write items in all site collections) | Application | Read and write items in all site collections. | No |
| Microsoft Graph | Team.Create (Create teams) | Application | Create teams. | No |
| Microsoft Graph | TeamMember.ReadWrite.All (Add and remove members from all teams) | Application | Add and remove members from all teams. | No |
| Microsoft Graph | Chat.Read.All (Read all chat messages) | Application | Read all chat messages. | No |
| Microsoft Graph | ChannelMessage.Read.All (Read all channel messages) | Application | Read all channel messages. | No |
| Microsoft Graph | TeamsAppInstallation.ReadWriteForTeam.All (Manage Teams apps for all teams) | Application | Manage Teams apps for all teams. | No |
| Microsoft Graph | ChannelMember.ReadWrite.All (Add and remove members from all channels) | Application | Add and remove members from all channels. | No |
| Microsoft Graph | Tasks.ReadWrite.All (Read and write all users’ tasks and task lists) | Application | Read and write all users' tasks and task lists. | No |
| Microsoft Graph | ChannelSettings.ReadWrite.All (Read and write the names, descriptions, and settings of all channels) | Application | Retrieve channel information. | No |
| Microsoft Graph | Channel.Create (Create channels) | Application | Create channels. | No |
| Microsoft Graph | Sites.FullControl.All (Have full control of all site collections) | Application | Have full control of all site collections. | No |
| Microsoft Graph | MailboxItem.ImportExport.All (Allows the app to perform backup and restore for all mailbox items) | Application | Import and export mailbox items. | Yes |
| Microsoft Graph | MailboxFolder.Read.All (Read all the users’ mailbox folders.) | Application | Retrieve users’ mailbox folders. | Yes |
| Microsoft Graph | MailboxItem.Read.All (Read all the users’ mailbox items) | Application | Retrieve users’ mailbox items. | Yes |
| Microsoft Graph | MailboxSettings.Read (Read all user mailbox settings) | Application | Retrieve users’ mailbox settings. | Yes |
| Microsoft Graph | Mail.ReadWrite (Read and write access to user mail) | Application | Access and modify items within users’ mailboxes. | Yes |
| Microsoft Graph | Group.ReadWrite.All (Read and write all groups) | Delegated | Read and write all groups. | No |
| Microsoft Graph | ChannelMessage.Send (Send channel messages) | Delegated | Send channel messages. | No |
| Microsoft Graph | TeamMember.ReadWrite.All (Add and remove members from all teams) | Delegated | Add and remove members from teams. | No |
| Microsoft Graph | ChannelMember.ReadWrite.All (Add and remove members from all channels) | Delegated | Add and remove members from channels. | No |
| Microsoft Graph | User.Read.All (Read all users’ full profiles) | Delegated | Read all users' full profiles. | No |
| Microsoft Graph | Directory.Read.All (Read directory data) | Delegated | Read directory data. | No |
| Microsoft Graph | RecordsManagement.Read.All (Read Records Management configuration, labels, and policies) | Delegated | Retrieve the Records Management configuration in the Microsoft 365 Compliance Center. | Yes |
| Office 365 Exchange Online | full_access_as_app (Use Exchange Web Services with full access to all mailboxes) | Application | Retrieve information of Exchange Online mailboxes and Microsoft 365 Group mailboxes. | No |
| Office 365 Exchange Online | Exchange.ManageAsApp (Manage Exchange as application) | Application | Retrieve mailbox data. | No |
| SharePoint/Office 365 SharePoint Online | User.Read.All (Read all users’ full profiles) | Delegated | Retrieve user information. | No |
| SharePoint/Office 365 SharePoint Online | Sites.FullControl.All (Have full control of all site collections) | Application | Retrieve and manage SharePoint objects. | No |
| SharePoint/Office 365 SharePoint Online | User.Read.All (Read all users’ full profiles) | Application | Retrieve user information. | No |
| SharePoint/Office 365 SharePoint Online | TermStore.ReadWrite.All (Read and write managed metadata) | Application | Retrieve, and synchronize terms to term store. | No |
On this page