When you connect Code42 to Microsoft Office 365 email, you grant certain permissions to Code42 in your Microsoft environment. This article lists the permissions Code42 requires as well as what those permissions allow Code42 to do in your Microsoft environment.
Microsoft Office 365 email permissions
When a monitored user emails an attachment, Code42 collects information about the attached file along with the sender and recipients for the email.
To see this file activity, Code42 requires access to your Office 365 email environment. The Office 365 email permissions we request are:
This set of permissions means Code42 has read-only access to metadata for emails, attached files, and users within that email service. In other words, Code42 cannot make changes to the emails, data, or users in your email environment. In addition, Code42 does not monitor the contents of those files, and does not back up files in the email service.
Microsoft documentation: Microsoft Graph permissions reference