INKY Enterprise Applications for Microsoft 365

Owned by Chris Gaulke (Unlicensed)
Last updated: Dec 03, 2024 by Matthew Sywulak
1 min read

INKY Enterprise Applications

Each API access request by INKY end up in the Azure AD Enterprise Applications section found here: https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/AllApps

 

There are 4 INKY Enterprise Applications used by INKY.

  • INKY Dashboard SSO (Required if you want to use SSO through Entra AD and INKY Dashboard)

    • Sign users in - Delegated

    • View users' basic profile - Delegated

    • View users’ email address - Delegated

  • INKY Phish Fence - Directory Synchronization - INKY uses the Microsoft Graph API to check your tenant's domain and directory information to help ensure you stay protected. This requires you to log in with an Office 365 or Exchange global administrator account. Note: Once this access is granted, you may use the "Check for Missing Domains" tool under Advanced Config > Domain Information; please report any missing domains to INKY support.

    • Sign in and read user profile

    • Read directory data

    • Read domains

    • Read and write all groups

  • INKY - Setup and Maintenance - Used during the install process, Quarantine View, Message Trace, and other Tenant Operations.

    • Sign in and read user profile

    • Read and write all directory RBAC settings

    • Manage apps that this app creates or owns

    • Read and write domains

    • Read directory data

    • Manage Exchange As Application

  • Inky Phish Fence Remediation - Required if using the remediation features on the INKY Dashboard and delivering mail to Graymail folder if using INKY Graymail features.

    • Read and write all user mailbox settings

    • Read and write mail in all mailboxes

    • Sign in and read user profile

More info about the individual permissions can be found here: https://docs.microsoft.com/en-us/graph/permissions-reference