In order to work correctly the app has to be able to access SharePoint content in the context of the current user. Therefore the app will request the following permissions:
Permission
Type
Description
Admin consent required
Microsoft Graph
User.Read
Delegated
Allows users to sign-in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.
No
Sites.ReadWrite.All
Delegated
Allows the app to edit or delete documents and list items in all site collections on behalf of the signed-in user.
When you use the app for the first time or the required permissions of the app have changed a dialog will be shown where you can see all delegated permissions that the app requires to work.
You have to grant these permissions in order to get the app working.
You are able to remove these permissions at any time!
Image 1: App consent dialog
If your current user is an administrator you will see the additional checkbox "Consent on behalf of your organisation".
Checking this will consent to the app for every user that is part of your organisation. In this case the individual users don't have to grant the permissions on their own.
Remove app consent
If you want to remove the app permissions for your current user you can follow these steps: