All Collections
Microsoft 365
Microsoft Office 365 Integration
Microsoft Office 365 Integration

Kick off cloud-to-cloud uploads directly from MS365 / O365

John OHara avatar
Written by John OHara
Updated over a week ago

This feature is available to customers on subscription plans.


Through a simple integration with your organization's Microsoft 365 instance, Logikcull streamlines the data upload process so that you can collect and upload Outlook E-mail data (including Draft messages and Attachments) directly from the source.


Please ensure the following before enabling the MS365 integration in Logikcull:

  1. E3 or E5 version of MS365 is required.

  2. A Microsoft365 Admin for your organization must Approve the Logikcull App in the Microsoft365 environment..

  3. An Exchange Admin needs to grant Mailbox Delegation - Full Access permissions to each mailbox intended for collection.

Setting up the integration

  1. Click on the Profile icon from the left panel > Integrations > Connect Microsoft 365:

2. Click Accept on this screen but do NOT check "consent on behalf of your organization" (unless intended):

Upload MS365 Data Through Integration (Cloud Upload)

Once you've connected the Microsoft 365 integration on your user profile, click on Create a new > Cloud upload > Import from Microsoft 365:

Pick your mailbox, date range, and custodian and then start your upload:

The upload will then appear in your upload tab and begin Transferring/Processing:

Video Walkthrough: Upload through MS365 Integration


What version of MS365 will this integration work with?

This integration works with both E3 and E5.

What data is available for collection through this integration?

  • Outlook e-mail data from primary mailboxes and in shared mailboxes are available for collection, including draft messages and attachments.

What data is not available for collection through the integration?

  • Notes and Tasks are not currently collected in this integration.

  • Archived emails are not supported/accessible through the Graph API and are not available for collection through the integration. Read more here from Microsoft.

How does a user authenticate with MS365?

  • Logikcull uses the Microsoft Graph API (Application Programming Interface) to access data in a customer’s Microsoft 365 environment.

  • Logikcull users creating a new upload from Microsoft 365 must log in with Microsoft 365 (Azure AD) credentials.

  • If the credentials are valid, Logikcull then asks for consent to access the Microsoft 365 data.

  • At this time, we request consent for read-only access to the user’s Microsoft 365 profile information, user directory, and email data.

What permission does a user need to have to access the integration?

  • Logikcull app permissions - A Microsoft365 Admin needs to approve the Logikcull app (grant consent) within Microsoft365 to allow Logikcull to connect to the Microsoft365 environment.

  • Mailbox permissions - The Exchange Admin needs to grant the Logikcull upload user “Mailbox Delegation - Full Access” permissions for each mailbox from which you need to run collections. This allows a delegate to open this mailbox and behave as the mailbox owner.

How does Logikcull handle multiple email aliases assigned to a single mailbox?

  • A Microsoft365 Admin will need to grant the primary email address for the mailbox with the proper permissions.

  • Under Select User in the Cloud Upload form, the users populated in the drop-down list will only display the user's primary name and email address as listed in the tenant directory. Any email alias(es) will not be listed in in this drop-down.

ℹ️ Mailbox permissions are per mailbox and not part of a role within Microsoft365.


You do not have Microsoft Exchange Admin Permissions

If you see this screen when you attempt to login:

This means that the account you are using is not a Microsoft 365 Admin. You will need to reach out to your Exchange Admin to either give you the correct permissions on the Microsoft side or you will need to have an Exchange Admin log in with their email address to set up the integration.

You are attempting to upload but see that you have 0 emails for the email and date range you selected

Please check to confirm that the mailbox you have selected has emails in the date range you have set.

If you have confirmed there are emails to pull for that mailbox in the specified date range, you likely need to delegate full permissions to the mailbox you are attempting to pull from.

Delegating full access to mailboxes

1. You as an Exchange Admin, will need to log into the Exchange admin center on the Microsoft side and click on Mail flow and select the user you'd like to collect from:

2. Click the Delegation tab and select to Edit “Read and manage (Full Access)” permissions:

Select the user who is performing the collection (you) to grant full access to the desired mailbox:

3. Confirm delegations when prompted. It can take up to 24 hours on the Exchange side for the changes to process, so you may still see 0 emails until you try the upload the next day.

ℹ️ The steps above will need to be performed for each mailbox you need to upload


  • You can grant full delegation to all the mailboxes you believe you will need to import from when you set up the integration in order to avoid having to delegate on an upload to upload basis.

  • You can add an Exchange Admin as an Upload Only User and they can set up the integration and create Microsoft 356 uploads.

Permission Details

The Logikcull app requests consent for the following permissions:






Display String


Admin Consent Required

Microsoft Account supported

Baseline Permissions to connect; manage tokens


View users' email address

Allows the app to read the users' primary email address.




Access user's data anytime

Allows the app to read and update user data, even when they are not currently using the app.




Sign users in

Allows users to sign in to the app with their work or school accounts and allows the app to see basic user profile information.




View users' basic profile

Allows the app to see users' basic profile (name, picture, user name).



Permissions to list users/custodians


and read user profile

Allows users to sign-in to the app, and allows the app to read the profile of signed-in users. Also allows the app to read basic company information of signed-in users.




Read all users' full profiles

Allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.



Permissions to work with Email data


Read user mail

Allows the app to read emails in user mailboxes.




Read user and shared mail

Allows the app to read mail that the user can access, including the user's own and shared mail.



Full reference for graph API permissions:

Did this answer your question?