Outlook Permissions Guide
This article explains how Honeit handle access to your Outlook Calendar after you have sync'ed with Honeit. During the Oauth2 login process, Outlook will present the resources and permissions that Honeit wishes to access from your Outlook account. (see image below)
A: Maintain Access to data you have given Honeit access to
Honeit uses this resource/permissions to maintain access tokens to allow access to your calendar's free/busy times for scheduling calls. For example, when a contact wants to request a time for a call, encrypted API tokens are stored in Honeit to allow communications between Honeit and Outlook, even when you're not online.
Open Graph scope used:
OpenId, Offline
Reference:
https://learn.microsoft.com/en-us/azure/active-directory/develop/scopes-oidc#openid-connect-scopes
https://learn.microsoft.com/en-us/azure/active-directory/develop/refresh-tokens
When is it used:
This resource/permission is used when Honeit needs access to your Outlook Calendar.
B: Read your profile
Honeit requires access to read your Outlook's public profile username for an Oauth2 connection. This resource does not allow Honeit to write data into your profile
Open Graph scope used:
User.Read
Reference:
https://learn.microsoft.com/en-us/graph/permissions-reference
When is it used:
We only require this resources/permission to verify your account email address during the Oauth2 syncing process.
C: Have full access to your calenders
Honeit requires read/write (full access) access to your calendar for scheduling/scheduled calls.
Honeit will read your calendar's free/busy times to create an Honeit schedule for contacts to request a call with you based on your availability. Honeit will only access your main calendar and does not access multi-calendars. Honeit also can not see your event details, only free/busy times.
Honeit will add (write) scheduled call events onto your calendar once a call time is confirmed. Data written onto your calendar will only be relevant to the scheduled call such as time, phone number, contact's name, etc... Honeit events can also be deleted and moved based on your call schedules. Only honeit events can be moved and deleted from your calendar.
Open Graph scope used:
Calendar Read/Write Scope
Reference:
https://learn.microsoft.com/en-us/graph/api/calendar-get?view=graph-rest-1.0&tabs=http
When is it used:
Read resource/permission is used when a contact wished to book a call using Honeit's scheduling system. It may also be used within your account for rescheduling or direct scheduling of contacts. Write resource/permission is used to add, move and delete Honeit events onto your calendar.