Microsoft Entra ID Domains - Permissions for applications registered in Azure AD

Defining permissions for an app registered in Azure AD

Apps are authorized to call APIs when they are granted the appropriate permissions. The following is a list of permissions required for integration with NDD Print Portal 360:

applications

Application.ReadWrite.All
  Type: application
  Description: Allows you to view, update, delete, and perform actions on access reviews, reviewers, decisions, and settings within the organization without a user being logged in.

Application.ReadWrite.OwnedBy
  Type: application
  Description: Allows the application to create other applications and fully manage them (read, update, refresh secrets, and delete applications) without a logged-in user.

Directory.Read.All
  Type: application
  Description: Allows the app to read data in your organization's directory, such as users, groups, and apps, without a user being signed in.

email
  Type: delegated
  Description: Allows the app to read your users' primary email addresses.

Group.Read.All
  Type: application
  Description: Allows the app to read group properties and memberships and view conversations in all groups, even when no user is logged in.

GroupMember.Read.All
  Type: application
  Description: Allows the application to read groups and basic group properties for all groups without a user being logged in.

OpenId
  Type: delegated
  Description: Allows the application to read groups and basic group properties for all groups without a user being logged in.

Organization.Read.All
  Type: application
  Description: Allows the app to read the organization and related resources without a user being logged in.

Policy.ReadWrite.ApplicationConfiguration
  Type: application
  Description: Allows the application to read and write configuration policies for your organization's applications without a user being logged in.

User.ManageIdentities.All
  Type: application
  Description: Allows the application to read, update, and delete identities associated with a user's account without the user being logged in.

User.Read.All
  Type: application
  Description: Allows the application to read user profiles without a user being logged in.

User.ReadWrite.All
  Type: application
  Description: Allows the application to read and update user profiles without a logged-in user.
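
To confirm that the consent granted to the registration matches the list above and nothing more, the following added example (not part of the NDD documentation) decodes an access token issued to the app and compares its permissions with that list. It relies on Microsoft Entra ID placing application permissions in the token's roles claim and delegated permissions in scp; the function names, the sample token and its Mail.Read entry are constructed for illustration.

```python
import base64
import json

# Application permissions (Type "application") named in the list above.
REQUIRED_APP = {
    "Application.ReadWrite.All", "Application.ReadWrite.OwnedBy",
    "Directory.Read.All", "Group.Read.All", "GroupMember.Read.All",
    "Organization.Read.All", "Policy.ReadWrite.ApplicationConfiguration",
    "User.ManageIdentities.All", "User.Read.All", "User.ReadWrite.All",
}
# Delegated entries from the list, lower-cased for comparison.
REQUIRED_DELEGATED = {"email", "openid"}


def jwt_claims(token):
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(padded))


def audit(claims):
    """Compare permissions carried in a token with the documented list."""
    roles = set(claims.get("roles", []))  # application permissions
    scopes = {s.lower() for s in claims.get("scp", "").split()}  # delegated permissions
    return {
        "missing_app": sorted(REQUIRED_APP - roles),
        "unexpected_app": sorted(roles - REQUIRED_APP),
        "unexpected_delegated": sorted(scopes - REQUIRED_DELEGATED),
        "write_capable": sorted(r for r in roles if "Write" in r or "Manage" in r),
    }


def _b64(obj):
    """Base64url-encode a JSON object without padding (used to build the sample)."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


# Constructed sample token (not from a real tenant): one documented permission is
# missing and one permission outside the list (Mail.Read) has been granted.
SAMPLE_CLAIMS = {"roles": sorted(REQUIRED_APP - {"User.ManageIdentities.All"}) + ["Mail.Read"]}
SAMPLE_TOKEN = ".".join([_b64({"typ": "JWT", "alg": "RS256"}), _b64(SAMPLE_CLAIMS), "c2ln"])

if __name__ == "__main__":
    for key, value in audit(jwt_claims(SAMPLE_TOKEN)).items():
        print(f"{key}: {value}")
```

Any entry under unexpected_app or unexpected_delegated is consent beyond what this integration documents, and the write_capable list is the subset worth tracking in the tenant's audit logs.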


Information on integrating Microsoft Entra ID with NDD Print Portal 360

Once the application registration is complete, the Microsoft Entra admin center will display some information in the Overview panel. Here is the information needed to complete the domain registration in NDD Print Portal 360:

  • Application ID (client)

  • Application domain

  • Directory ID (tenant)

  • Client secret