What version of MS365 will this integration work with?
This integration works with both E3 and E5.
What data is collected through this integration?
Email data is collected, including draft messages and attachments.
Notes and Tasks are not currently collected in this integration.
How does a user authenticate with MS365?
Logikcull uses the Microsoft Graph API (Application Programming Interface) to access data in a customer’s Microsoft 365 environment.
Logikcull users creating a new upload from Microsoft 365 must log in with Microsoft 365 (Azure AD) credentials.
If the credentials are valid, Logikcull then asks for consent to access the Microsoft 365 data.
At this time, we request consent for read-only access to the user’s Microsoft 365 profile information, user directory, and email data.
What permission does a user need to have to access the integration?
Logikcull app permissions - A Microsoft365 Admin needs to approve the Logikcull app (grant consent) within Microsoft365 to allow Logikcull to connect to the Microsoft365 environment.
Mailbox permissions - The Exchange Admin needs to grant the Logikcull upload user “Mailbox Delegation - Full Access” permissions for each mailbox from which you need to run collections. This allows a delegate to open this mailbox and behave as the mailbox owner.
ℹ️ Mailbox permissions are per mailbox and not part of a role within Microsoft365.
Setting up the integration
Just click on the Microsoft 365 icon under Cloud Upload, then log in to your account through Azure Active Directory.
Logikcull will automatically retrieve a list of users from whom to export data. From there, select a date range and upload.
The Logikcull app requests consent for the following permissions:
openid profile email offline_access user.read user.read.all mail.read mail.read.shared calendar.read calendar.read.shared
Admin Consent Required
Microsoft Account supported
Baseline Permissions to connect; manage tokens
View users' email address
Allows the app to read the users' primary email address.
Access user's data anytime
Allows the app to read and update user data, even when they are not currently using the app.
Sign users in
Allows users to sign in to the app with their work or school accounts and allows the app to see basic user profile information.
View users' basic profile
Allows the app to see users' basic profile (name, picture, user name).
Permissions to list users/custodians
Sign-in and read user profile
Allows users to sign-in to the app, and allows the app to read the profile of signed-in users. Also allows the app to read basic company information of signed-in users.
Read all users' full profiles
Allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.
Permissions to work with Email data
Read user mail
Allows the app to read emails in user mailboxes.
Read user and shared mail
Allows the app to read mail that the user can access, including the user's own and shared mail.
Permissions to work with Calendar data
Read user calendars
Allows the app to read events in user calendars.
Read user and shared calendars
Allows the app to read events in all calendars that the user can access, including delegate and shared calendars.
Full reference for graph API permissions: https://docs.microsoft.com/en-us/graph/permissions-reference
This feature is only available in subscription plans.