This article shows permissions required for the different automations in Rencore Governance
Rencore Governance comes with a multitude of different automations that can be linked to checks. Below is a list of the permissions required for each automation.
Automation |
API |
Permission Required |
| Send message to a Teams Channel | - | None required |
| Send Email | - | None required |
| Trigger Azure Function | - | None required |
| Send HTTP Request | - | None required |
| Archive or Unarchive a Team | Graph | TeamSettings.ReadWrite.All |
| Copy File to Azure Blob Storage | SharePoint | SharePoint.Site.Read.All |
| Create a link to a document in SharePoint | SharePoint | SharePoint.Site.ReadWrite.All |
| Copy Document/ListItem Metadata | SharePoint | SharePoint.Site.ReadWrite.All |
| Move SharePoint File to recycle bin | SharePoint | SharePoint.Site.ReadWrite.All |
| Update Group property | Graph | Group.ReadWrite.All |
| Enable or disable a user account | Graph | User.ReadWrite.All |
| Set group visibility | Graph | Group.ReadWrite.All |
| Delete SharePoint file versions | Graph | SharePoint.Site.ReadWrite.All (Application) |
| SharePoint | SharePoint.Site.ReadWrite.All (Application) | |
| Add or remove a user from a group | Graph | Group.ReadWrite.All (Application) |
| Add or remove a user from a SharePoint Group | Graph | Group.ReadWrite.All (Application) |