When you connect Code42 to Microsoft OneDrive, you grant certain permissions to Code42 in your Microsoft environment. This article lists the permissions Code42 requires as well as what those permissions allow Code42 to do in your Microsoft environment.
Code42 collects file events from OneDrive. A file event is any activity observed for a file. For example, creating, modifying, sharing, renaming, moving, or deleting a file generates an event for that file. To see this file activity, Code42 requires access to your OneDrive environment. The OneDrive permissions we request are:
This set of permissions gives Code42 the access to user information, file metadata, and drives needed to monitor file activity. This set includes manage and write permissions required for the Code42 data connection. However, Code42 is committed to data integrity and does not:
- Write to or modify content in your cloud storage environment
- Monitor the contents of files in cloud storage
- Back up files in cloud storage
The Code42 data connection uses the Files.ReadWrite.All permission to allow security analysts to:
Microsoft documentation: Microsoft Graph permissions reference