Credentials and permissions list

  • Last update on February 25th, 2025

Here is the complete list of all the credentials and permissions that are requested during the onboarding process.

Credentials

Owner account

During the first steps of the onboarding process, you will be prompted to enter the User Principal Name and password for a Microsoft 365 account. 

This account serves as the ownership account and must have specific characteristics:

  • It must be a valid Microsoft Office 365 organizational account, meaning one that is associated with a work or school account.
  • The account must be granted the Global Administrator role.
  • It does not require an assigned Office 365 license.
  • It can be a cloud-only account.

Remember that the administrative credentials (Microsoft 365 admin username and password) you provide during sign-up are not stored or retained by CoreView.

 
 

Service accounts

To import reporting data, CoreView creates service accounts for your Microsoft 365 tenant.

Here are the key points of their creation:

  • They are read-only accounts, assigned the Global Reader and Reports Reader permissions.
  • The number of accounts created depends on the size of your tenant, ranging from 2 to 10
  • They are solely used for connecting to your tenant and collecting reporting data.
  • They are not authorized to make any changes within your environment.
  • They do not require Office 365 licensing. 

Remember not to delete the service accounts after onboarding, or the import of data into CoreView will stop working. Also, remember not to remove the granted permissions for the CoreView Registration App.

 
 
 

Permissions

Mandatory permissions

During onboarding, you will be asked to grant consent to the following Enterprise Applications. Providing permissions for these apps is mandatory to proceed with the onboarding.

The purpose, detailed list of permissions, and further information about these apps are available on the article List of CoreView Enterprise applications in our product manual.

Additional consents

After onboarding, when your CoreView Tenant is ready and you log in to the platform, you will be able to provide optional consents:

Please be aware that the number of CoreView app integrations may vary. We assess your tenant and, based on its size and transaction volume, we dynamically generate the necessary number of apps to manage the load CoreView requires.

 

Additional resources

For more information on Microsoft rights please refer to:

Azure Active Directory Graph API

Microsoft Graph permissions reference

Office 365 Management Activity API