Skip to main content
Sign in

Search

Hi. How can we help ?

Manage Authentication

Powell Teams Support
  • Updated

Table of contents

  1. Introduction

 

Introduction

With Authentication, Powell Teams allows you extend scenarios in Powell Teams with a new admin consent.  

When you install Powell Teams, we use the default permission by default. However you have an option to extend the authorization with a new active directory app based on “Application permission”. 

 

With application permission, you authorize the application to perform certain tasks, even if a user does not have specific rights. 

 

Some of the features of Powell Teams app need specific permissions to operate. 

 

The different permissions requested by Powell Teams to make calls to the graph API are the following

  • Read & write all groups: read allow us to build activity reports and write is only necessary to create teams when you enable the automatic approbation​ 
  • Read items in all site collections: for activity reports 
  • Read all users' full profiles: for activity report and member management in automatic approval 
  • Read all usage reports : for Powell Teams reports 

Sharepoint API permission is necessary to use the Site Design feature : 

  • Have full control of all site collections : for Site Design deployment 

With application permission, you authorise the application to perform certain tasks, even if a user does not have specific rights or are not connected.  

 

ℹ After validating an Advanced or Enterprise admin consents using Powell Teams in a web browser, the consent status could not be updated on the page directly. Don't worry, the consent has been taken in account, just refresh the page to see the new status.

 

Authent_page.jpg
 

How to configure the new admin consent

To configure the new admin consent, follow the steps described below : 

 

Step 1 : Go to the administration menu in the global administration section and click on "Authentication". 

au2.jpg

 

Default permissions are set by default.

 

Step 2 : Choose between "Advanced" and "Enterprise", depending your requirements 

au3.jpg
 

ADVANCED : You need to click on the additional admin consent button and validate the app with an O365 global admin account 

 

ENTERPRISE: You need to create your own AAD app in Azure with the required right first then put your client id & client secret in the form. 

 

To use the site design option, you will need to add a certificate to allow Powell Teams to have full control of all site collections : for Site Design deployment 

au4.jpg
 

For more information go to the following page. https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#add-credentials

 

 

Comments

0 comments

Please sign in to leave a comment.