To support Sigstr Relationships' analysis of your company's email activity and to build a relationship graph, we ask for the following permissions when we connect your O365 account to our Sigstr Relationships processing pipeline:
Sign-in and read user profile - User.Read
This represents basic oAuth permissions for any Office365 application.
Access user's data anytime - OpenID Delegated Permission - offline_access
Allows the app to read and update user data, even when they are not currently using the app.
Read mail in all mailboxes - Mail.Read
In order to analyze your company's email activity, we first need permission to read your employee emails.
This permission does give us access to read all fields of your email, however, we do not download attachments and we do not store email subject lines or email bodies. We only store the senders, recipients, and timestamps of emails.
We have access to email subject lines and email bodies in-memory only to filter transactional emails. This information is never stored on the Sigstr servers.
Send mail as any user - Mail.Send
This permission gives Sigstr the ability to send email on your behalf. We do not currently use this feature, but anticipate doing so in the future.
We will never send an email on your behalf without getting the user's explicit permission to do so.
Read directory data - Directory.Read.All
We ask for permission to read your user directory so that we can find the mailboxes and email addresses we need to process.
Read all users’ full profiles - User.Read.All
Sigstr Relationships uses this permission to properly match mailboxes to users in Sigstr.
Read calendars in all mailboxes - Calendars.Read
Sigstr Relationships also analyzes calendar events to help gather relationship and location intelligence. Similar to emails, while we do have access to all calendar fields, we only store the sender, recipient, timestamp and location of a calendar event.