Skip to main content

Understanding Teamflect's Use of Microsoft Graph API Permissions

Learn how Teamflect uses Microsoft Graph API permissions to securely integrate with Microsoft 365.

Livia avatar
Written by Livia
Updated over 3 weeks ago

Teamflect integrates deeply with Microsoft 365 to provide a connected and seamless experience for its users. This integration is made possible through the Microsoft Graph API, which enables secure access to essential data and services across the Microsoft ecosystem.

🔗 What is Microsoft Graph API?

The Microsoft Graph API is a unified endpoint provided by Microsoft that allows developers to programmatically access:

  • Outlook

  • Teams

  • SharePoint

  • Calendars

  • Users and Groups

  • And more

It plays a crucial role in enabling secure data exchange between third-party applications and Microsoft 365 services.

🔒 Why Graph API Permissions Matter

Third-party applications like Teamflect require specific Graph API permissions to:

  • Securely access and retrieve data

  • Ensure only authorized access to Microsoft 365 content

  • Provide key functionalities such as calendar sync, user management, task tracking, and organizational insights

🔐 Teamflect’s Microsoft Graph API Permissions Explained

Below are the permissions Teamflect requests and what each is used for:

1. User.Read

Allows Teamflect to access the signed-in user's basic profile (name, email)
🧩 Used to identify and connect the user with Teamflect.

2. User.ReadBasic.All

Provides access to basic information about all users in the organization.
🧩 Enables users to view other user profiles.

3. People.Read

Grants access to user contacts and the organizational hierarchy.
🧩 Used for org charts and recommending feedback providers.

4. Calendars.Read

Allows Teamflect to access calendar events and meetings.
🧩 Used to display 1-on-1 and team meetings inside Teamflect.

5. Presence.Read.All

Provides visibility into real-time presence (available, busy, away, etc.) of all users.
🧩 Used to display real-time availability inside the app.

6. Tasks.ReadWrite (Optional)

Enables reading and writing of tasks from Microsoft To Do.
🧩 Allows users to manage tasks when To Do integration is enabled.

7. Directory.Read.All

Allows read-only access to directory information like departments, managers, and teams.
🧩 Used to connect OKRs with Microsoft Teams groups and access directory metadata.

🛡️ Data Privacy & Security Commitment

Teamflect takes data privacy seriously and adheres to the following principles:

  • No Teamflect employee or third party has standing access to customer data

  • All requested permissions serve only the purpose of powering the core functionality

  • Data is securely stored, processed, and handled in compliance with industry standards

📜 Compliance with GDPR and Other Regulations

Teamflect is fully GDPR compliant, aligning with global privacy laws and frameworks. We:

  • Limit data access to only what’s required

  • Encrypt data during transmission and at rest

  • Enable users to access, update, or delete their data at any time

Non-compliance with GDPR carries severe penalties - this ensures that Teamflect remains vigilant and transparent in how it handles data.

🔗 Learn More

For more details, visit the 👉 Teamflect Trust Center

You can explore our security practices, compliance certifications, and data handling policies in depth.

Related Articles
Where does Teamflect get a user's manager information from?
How to Upload and Sync User Data to Microsoft 365 (Org-chart, manager, department, job title, and more)
Understanding and Customizing Teamflect's Microsoft Permissions
How to Temporarily Block Access to Teamflect During a Security Incident
Troubleshooting Auto-Sync Issues Between Microsoft and Teamflect
Did this answer your question?