Overview
Image 1: App authentication overview
Required permissions
In order to work correctly the app will request the following permissions:
Permission | Type | Description | Admin consent required | Remarks |
|---|---|---|---|---|
Microsoft Graph | ||||
| Delegated | Allows users to sign-in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users. | No | |
| Delegated | Allows the app to read a basic set of profile properties of other users in your organization on behalf of the signed-in user. This includes display name, first and last name, email address, open extensions and photo. Also allows the app to read the full profile of the signed-in user. | No | |
| Delegated | Read channel names and channel descriptions, on behalf of the signed-in user. | No | |
| Application | Allows the app to read all channel messages in Microsoft Teams, without a signed-in user. | Yes | Getting links out of channel messages is currently not possible in a performant way using delegated permissions. After adding the app to a channel a process will preanalyse messages for links and store the following data if a link was found:
Important note: we will not store any message content directly |
Please also have a look at the official permission reference from Microsoft to get detailed information about the permission handling.
Consent the app
When you use the app for the first time or the required permissions of the app have changed a dialog will be shown where you can see all permissions that the app requires to work.
You have to grant these permissions in order to get the app working
You are able to remove these permissions at any time! |
Image 2: App consent dialog (TODO: update screenshot)
Because of the scopes mentioned above the app requires an administrator to consent for the whole organization. Individual users don't have to grant the permissions on their own. |
Remove app consent
If you want to remove the app permissions for your organization you can follow these steps:
Navigate to https://portal.azure.comusing a browser of your choice
Open your Azure Active Directory
Navigate to Enterprise applications
Search for Link Spotter and open the app
In the app configuration navigate to “Manage → Properties“
Press the “Delete“ button in the app action menu and approve if necessary
The full guide can be found on the official documentation from Microsoft: Delete an application from your Azure Active Directory (Azure AD) tenant
| Table of Contents |
|---|