Calamari needs to be installed by the Microsoft 365 / Entra ID admin. During the installation process, the admin will be prompted with the consent screen:
What are the required permissions?
Sign in and read the user profile
This permission allows users to sign-in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.
This is a permission requested to access your data in Calamari
Read and write calendars in all mailboxes
This permission allows the app to create, read, update, and delete events of all calendars without a signed-in user.
This is a permission requested to access your data in Calamari
Read directory data
This permission allows the app to read data in your organization's directory, such as users, groups and apps, without a signed-in user.
This is a permission requested to access your data in Calamari
Allow the app to manage itself for all users
It allows a Teams app to read, install, upgrade, and uninstall itself to any user without a signed-in user.
This is a permission requested to access your data in Calamari
Above mentioned points are the only common points required by Calamari integration with Microsoft 365 / Entra ID. From the users' perspective, the integration will have access to name, surname, e-mail address, and additionally avatar from Microsoft 365 / Entra ID domain.
Thanks to this, you can import users, and they can log in via SSO.
💡 Can I control what data Calamari has access to?
Once Calamari is connected to Microsoft 365 / Entra ID, you can manage integration permissions at any time in the Microsoft Entra admin center.
Go to the Enterprise applications section, select Calamari from the list of applications, and open the Permissions tab. From there, an administrator can:
review the permissions granted to Calamari,
limit access to specific resources,
revoke individual consents.
This means that even after activating the integration with Calamari, your organization retains full control over the scope of data access in Entra ID.