Using MacroView Mail requires consent to a number of delegated permissions. These permissions are requested by two separate app registrations (MacroView Mail and MacroView Office) and are presented in a bundled consent screen the first time you as a user sign into the app. Administrators can approve the app for all users in the directory so that individuals do not see the consent prompt.
MacroView Mail (these permissions are required by the client-side app that runs in the task pane):
MacroView Office (these permissions are required by the cloud service running in Azure):
Delegated permissions are those that a normal user can consent to without Administrator approval.
These permissions allow MacroView Mail to performs actions on the user’s behalf via both the Microsoft Graph and SharePoint APIs.
The MacroView Mail cloud service is made up of a number of components. These include an Azure Function App, Storage queues, Storage tables, Key Vault and SQL Azure database. Access tokens are acquired via the service and made available to the client app via an HTTPS endpoint in the function app. These tokens are encrypted and persisted to a storage table in order to avoid prompting the user to sign in each time they use MacroView Mail. The encryption keys are held in Azure Key Vault.
MacroView Mail has been approved by Microsoft after it went through the certification process outlined here: https://docs.microsoft.com/en-us/office/dev/store/submit-to-appsource-via-partner-center and Microsoft has validated MacroView Mail to confirm that it complies with the following policies: https://docs.microsoft.com/en-us/legal/marketplace/certification-policies
With MacroView Mail app, no client data – documents, emails or associated metadata - is retained in MacroView servers or Azure instances.
Comments
0 comments
Article is closed for comments.