This article shows permissions required for the different automations in Rencore Governance
Rencore Governance comes with a multitude of different automations that can be linked to checks. Below is a list of the permissions required for each automation.
Automation |
API |
Permission Required |
Send message to a Teams Channel | - | None required |
Send Email | - | None required |
Trigger Azure Function | - | None required |
Send HTTP Request | - | None required |
Archive or Unarchive a Team | Graph | TeamSettings.ReadWrite.All |
Copy File to Azure Blob Storage | SharePoint | SharePoint.Site.Read.All |
Create a link to a document in SharePoint | SharePoint | SharePoint.Site.ReadWrite.All |
Copy Document/ListItem Metadata | SharePoint | SharePoint.Site.ReadWrite.All |
Move SharePoint File to recycle bin | SharePoint | SharePoint.Site.ReadWrite.All |
Update Group property | Graph | Group.ReadWrite.All |
Enable or disable a user account | Graph | User.ReadWrite.All |
Set group visibility | Graph | Group.ReadWrite.All |
Delete SharePoint file versions | Graph | SharePoint.Site.ReadWrite.All (Application) |
SharePoint | SharePoint.Site.ReadWrite.All (Application) | |
Add or remove a user from a group | Graph | Group.ReadWrite.All (Application) |
Add or remove a user from a SharePoint Group | Graph | Group.ReadWrite.All (Application) |