Microsoft Azure AD

Here are the scopes we ask for when syncing your Microsoft Azure AD with Scribe:

1. Needed for co-workers to log in to Scribe with their Office 365 account. Read access to user profile (name and email) (Delegated) (Delegated) (Delegated)

2. Read administrative unit to create departments in Scribe (Application)

3. Read domains to import them in Scribe (Application)

4. Sign in and read the user profile (Delegated)

5. Read all users’ full profiles (Application)

6. Read all groups (Application)

7. Read all group memberships (Application)

8. Maintain access to data you have given access to the user profile (Delegated)

From those scopes, here is the data we store in Scribe

  • Profile picture

  • First name

  • Last name

  • Job position

  • Mobile phone

  • Work Phone

  • Fax

  • Department

  • Office

  • Street address

  • City

  • State or province

  • Zip or postal code

  • Country or region

  • Group names and memberships

  • Administrative unit names and memberships

  • Domains hostname

Scribe only reads data. We can not edit data in your Microsoft 365 or read your emails. Scribe is SOC II type 2 compliant.

Last updated