Appspace Feature Mapping to Microsoft Scopes

Share on print
Share on facebook
Share on linkedin
Share on whatsapp
Share on email
At A Glance:
  • Article purpose: This article describes how the different scopes used on Microsoft accounts can determine certain available features on the Appspace console. 
  • Business problem: There are some questions around which Microsoft roles are required for Room Booking cards and the Maps module, and why certain scopes are requested.
  • Solution: This article will serve to detail which Appspace feature maps to which scope in the Microsoft roles used to link to the Appspace platform. 
  • Conclusion: Clarity in documentation helps customers better understand the needs and reasons behind the Microsoft roles that Appspace requests. 

WHAT’S IN THIS ARTICLE: 

Overview

Many of our enterprise customers utilize Microsoft solutions in their IT infrastructure. We have had many questions around which Microsoft roles are required for room booking and for linking map resources, and why certain scopes are requested.

Each customer may have different reasons for allowing or denying access to certain roles on the Microsoft account side, which impacts some Appspace functions.

This guide outlines what Microsoft scopes and permissions are required for integration. The documentation will help to provide more clarity and reasons to customer IT teams about why these specific scopes and permissions are needed.

Integration Points

Appspace has several integration points within the platform where Microsoft solutions such as Office 365 can be linked in order to provide access to calendar resources for room booking and mapping those resources to buildings and floor plans.

There are currently three Appspace features that integrate with Microsoft Office 365:

  • Room schedule card
  • Schedule board card
  • Maps (Locations)

Room Booking Cards

The Room Schedule and Schedule Board cards are directly linked to Office 365 with Microsoft account credentials during the card setup. The credentials are utilized once cards are deployed to devices.

Scope: Calendars.ReadWrite.Shared

Action

Justification 

API

Create an event

When booking a room, we will need to call the create event API to create an event for the room.

create event

Update an event

When extending or ending a meeting, we will need to call the update event API to change the timeline for the event.

update event

Delete event

When no one is checking in the room, we will need to call the delete event API

delete event

Get event

When displaying the events, we need to get the list of events using the get event API.

get event 

Scope: User.ReadBasic.All 

Action

Justification 

API

Get user

When showing the room information and organizer, we need to use the get user API to show the display name.

When booking a room, we need to pass in the room email as the organizer. This is used in conjunction with the calendar event APIs.

get user 

Maps (Locations)

The Maps module connects to Office 365 using an OAuth passport under Integrations. In the current version of the module, a single scope is used with an admin permission level. In the future, we plan to use the scopes utilized by the room booking cards.

Scope: Place.Read.All 

Action

Justification 

API

Get place

Request list of rooms/resources via the place API. This is used for searching the rooms during map configuration.

place 

Permissions

The permissions mentioned above are requested during the authentication process (OAuth) when users link their account with Appspace. These permissions can be revoked by the users on their Microsoft application page.

Conclusion

The scopes and permission levels outlined in this article should help IT administrators with the configuration of Microsoft accounts to link to Appspace.