• Trust Center
  • English
    • Deutsch
  • Trust Center
  • English
    • Deutsch
Expand All Collapse All
  • Trust Center
    • Supported Clients
    • Authentication & Single Sign On
    • Communication & Network Security
      • Network Diagram
      • Traffic Encryption
      • DDoS Prevention
      • Domains Whitelisting
    • Infrastructure Services
      • Microsoft Teams
      • Microsoft Azure
      • Microsoft Azure Data
      • Microsoft Azure DevOps
      • Google analytics tracing pixel
    • Microsoft Graph Permissions
      • Admin-Restricted Permissions
      • Required Permissions
    • Data Management Practices
      • Application Data
      • Metadata Collection
      • Usage Data
      • Support Data
      • Error Reporting Data
      • Data Residency
    • Secure Development
      • Secure Development Principles
      • Microsoft Azure Best Practices
      • Standard JavaScript Style
      • ESLint Security
      • NPM Audit
      • Code Review
      • Deployment Process
      • Product Development Cycle
    • Privacy & Compliance
    • Security Policy
    • Classification Labels
  • Architecture & Security
    • Teams Manager
    • External User Manager
    • MindMap
    • File Manager
    • Intranet
    • Hyperlinks
    • PnP Package

External User Manager

798 views 16

We want our customers to be confident and aware of our data collection practices when using External User Manager.

Note

The content on this page is subject to change. We recommend that you check back quarterly for updates.

Data Management Practices

With its various features, External User Manager accesses, processes and stores several types of data:

  • Authentication
  • Team/Group
  • User
  • Teams conversations

Here is how we’re managing data for these different categories:

DataAccessedCachedStoredNotes
Authentication✔✔✔Access-Tokens are generated for both Application and Delegated Permission 
Access-Tokens are cached for up to 45m. 
Refresh-Token for service user to handle the invite process is stored in the database.
Team/Group✔🚫✔ID of Teams/Groups/Sites is stored in the database. 
User✔🚫✔Users data (AAD ID, UPN). 
AAD ID and ID assigned from the Bot are stored in the database.
Teams conversations✔🚫✔Bot sends messages in Teams and sends Adaptive Cards to users. 
ID of adaptive Card is stored.

Microsoft Graph

ScopeDescriptionJustificationAdmin Consent RequiredType
AuditLog.Read.AllRetrieve the audit log activities of user object.Allows the app to read and query your audit log activities, without a signed-in user.YesApplication
emailRequired for SSO.Allows the app to read your primary email address.NoDelegated
Group.Read.AllRetrieve the properties of the Group object.Allows for getting the groups the logged in user has access to.YesDelegated
Group.ReadWrite.AllRetrieve and update the properties of the Group object.Allows for getting and updating groups without user access (e.g. lifecycle).YesApplication
GroupMember.ReadWrite.AllRetrieve and update the properties of a user object in a group.Allows for getting and updating users in a group the logged in user has access to.YesDelegated
GroupMember.ReadWrite.AllRetrieve and update the properties of a user object in a group.Allows for getting and updating users in a group without user access. YesApplication
Mail.SendAllows to send mails from the user.Allows for sending the lifecycle mail notifications.YesApplication
offline_accessRequired for SSO.Allows the app to see and update the data you gave it access to, even when you are not currently using the app. This does not give the app any additional permissions.NoDelegated
openidRequired for SSO.Allows you to sign in to the app with your work or school account and allows the app to read your basic profile information.NoDelegated
profileRequired for SSO.Allows the app to see your basic profile (e.g., name, picture, user name, email address).NoDelegated
Team.ReadBasic.AllRetrieve the basic properties of a team object.Allows for getting the basic information of a team.YesApplication
TeamMember.ReadWrite.AllRetrieve and update the properties of a user object in a team.Allows for getting and updating users in a team the logged in user has access to.YesDelegated
TeamMember.ReadWrite.AllRetrieve and update the properties of a user object in a team.Allows for getting and updating users in a team without user access.YesApplication
TeamsActivity.SendSend Teams activities to users.Allows for sending activities to users.NoDelegated
TeamsActivity.SendSend Teams activities to users.Allows for sending activities to users.YesApplication
TeamsAppInstallation.ReadForUserRetrieve installed apps of a user object. Required for sending activities.Allows the app to read the Teams apps that are installed for you. Does not give the ability to read application-specific settings.NoDelegated
TeamsAppInstallation.ReadForUser.AllRetrieve installed apps of a user object. Required for sending activities.Allows the app to read the Teams apps that are installed for any user, without a signed-in user. Does not give the ability to read application-specific settings. YesApplication
User.Invite.AllSend invite to external guests.Allows the app to invite guest users to the organization, on your behalf.YesDelegated
User.ReadRetrieve the properties and relationships of the logged in user object.Allows to get the logged in user.NoDelegated
User.Read.AllRetrieve the properties of user objects.Allows for getting the user data of all users.YesDelegated
User.ReadWrite.AllRetrieve and update the properties of a user object.Allows for getting and updating users without user access.YesApplication
AppCatalog.Read.All
Retrieves the app from the store

Navigation from Adaptive Card into the app
YesApplication

Microsoft Teams Apps Security And Compliance

To provide organizations with the information they need to accelerate and inform decisions about the Microsoft Teams apps and add-ins they use, Microsoft works with our Microsoft 365 developer partners. This information is supplemented by information from the Microsoft Cloud App Security app catalog and information provided by developers when they submit their apps. This security, data handling and compliance information is intended to help organizations assess and manage the risks of using these apps.

Note

Microsoft 365 App Compliance Program

Architecture And Flow Diagram

Resource Endpoints

All the traffic from and to the External User Manager platform uses HTTPS protocol on port 443. Here is a short description of each flow:

NameComments
.msecnd.net and *.visualstudio.comfor performance metrics analysis

Dependencies

Server

Name Version Url License 
@fluentui/font-icons-mdl2 8.4.8 https://github.com/microsoft/fluentui MIT 
@fluentui/foundation-legacy 8.2.15 https://github.com/microsoft/fluentui MIT 
@fluentui/react ^8.91.0 https://github.com/microsoft/fluentui MIT 
@fluentui/react-focus 8.8.0 https://github.com/microsoft/fluentui MIT 
@fluentui/react-hooks 8.6.7 https://github.com/microsoft/fluentui MIT 
@fluentui/react-northstar 0.64.0 https://github.com/microsoft/fluentui MIT 
@fluentui/style-utilities 8.7.7 https://github.com/microsoft/fluentui MIT 
@fluentui/theme 2.6.12 https://github.com/microsoft/fluentui MIT 
@microsoft/applicationinsights-react-js ^3.4.0 https://github.com/microsoft/applicationinsights-react-js MIT 
@microsoft/applicationinsights-web ^2.8.6 https://github.com/microsoft/ApplicationInsights-JS MIT 
@microsoft/teams-js 1.10.0 https://github.com/OfficeDev/microsoft-teams-library-js MIT 
@react-pdf/renderer ^2.3.0 https://github.com/diegomura/react-pdf MIT 
@testing-library/jest-dom ^4.2.4 https://github.com/testing-library/jest-dom MIT 
@testing-library/react ^9.5.0 https://github.com/testing-library/react-testing-library MIT 
@testing-library/user-event ^7.2.1 https://github.com/testing-library/user-event MIT 
@types/jest ^24.9.1 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/microsoftteams ^1.9.2 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/node ^12.19.4 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/pdfmake ^0.2.1 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react ^17.0.39 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react-dom ^18.0.6 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react-email-editor ^1.1.1 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react-pdf ^5.7.2 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react-router-dom ^5.3.3 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/recharts ^1.8.23 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
adaptivecards ^2.9.0 https://github.com/microsoft/AdaptiveCards MIT 
adaptivecards-templating ^1.4.0 https://github.com/microsoft/AdaptiveCards MIT 
array-move ^3.0.1 https://github.com/sindresorhus/array-move MIT 
assert ^2.0.0 https://github.com/browserify/commonjs-assert MIT 
buffer ^6.0.3 https://github.com/feross/buffer MIT 
node-sass ^4.14.1 https://github.com/sass/node-sass MIT 
pdf-lib ^1.16.0 https://github.com/Hopding/pdf-lib MIT 
pdfmake ^0.2.5 https://github.com/bpampuch/pdfmake MIT 
react ^17.0.2 https://github.com/facebook/react MIT 
react-devtools ^4.25.0 https://github.com/facebook/react MIT 
react-dom ^17.0.2 https://github.com/facebook/react MIT 
react-dropzone ^12.0.4 https://github.com/react-dropzone/react-dropzone MIT 
react-email-editor ^1.3.0 https://github.com/unlayer/react-email-editor MIT 
react-html-parser ^2.0.2 https://github.com/wrakky/react-html-parser MIT 
react-iframe ^1.8.0 https://github.com/svenanders/react-iframe ISC 
react-intl ^6.0.8 github.com/formatjs/formatjs BSD-3-Clause 
react-pdf ^5.7.2 https://github.com/wojtekmaj/react-pdf MIT 
react-router-dom ^6.3.0 https://github.com/remix-run/react-router MIT 
react-scripts 3.4.4 https://github.com/facebook/create-react-app MIT 
react-sortable-hoc ^2.0.0 https://github.com/clauderic/react-sortable-hoc MIT 
read-appsettings-json ^1.0.98 https://github.com/codechavez/read-appsettings-json MIT 
recharts ^2.1.13 https://github.com/recharts/recharts MIT 
typescript ^4.7.4 https://github.com/Microsoft/TypeScript Apache-2.0 
typestyle ^2.1.0 https://github.com/typestyle/typestyle MIT 
@testing-library/jest-dom  ^5.16.2 https://github.com/testing-library/jest-dom MIT 
@testing-library/react  ^11.2.7 https://github.com/testing-library/react-testing-library MIT 
@testing-library/user-event  ^12.8.3 https://github.com/testing-library/user-event MIT 
@types/jest  ^26.0.24 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/node  ^12.20.46 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react  ^17.0.39 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react-dom  ^17.0.11 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react-html-parser  ^2.0.2 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react-pdf  ^5.7.2 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react-router-dom  ^5.3.3 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/react-signature-canvas  ^1.0.2 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
@types/sass  ^1.43.1 https://github.com/DefinitelyTyped/DefinitelyTyped MIT 
js-sha256  ^0.9.0 https://github.com/emn178/js-sha256 MIT 
react  ^17.0.2 https://github.com/facebook/react MIT 
react-dom  ^17.0.2 https://github.com/facebook/react MIT 
react-html-parser  ^2.0.2 https://github.com/wrakky/react-html-parser MIT 
react-intl  ^5.24.6 github.com/formatjs/formatjs BSD-3-Clause 
react-pdf  ^5.7.2 https://github.com/wojtekmaj/react-pdf MIT 
react-player  ^2.9.0 https://github.com/CookPete/react-player MIT 
react-router-dom  ^6.3.0 https://github.com/remix-run/react-router MIT 
react-scripts  ^5.0.0 https://github.com/facebook/create-react-app MIT 
react-signature-canvas  ^1.0.5 https://github.com/agilgur5/react-signature-canvas Apache-2.0 
react-toastify  ^9.0.5 https://github.com/fkhadra/react-toastify MIT 
read-appsettings-json  ^1.0.98 https://github.com/codechavez/read-appsettings-json MIT 
sass  ^1.49.9 https://github.com/sass/dart-sass MIT 
typescript  ^4.5.5 https://github.com/Microsoft/TypeScript Apache-2.0 
web-vitals  ^1.1.2 https://github.com/GoogleChrome/web-vitals Apache-2.0 
react-responsive ^9.0.0-beta.6 https://github.com/contra/react-responsive MIT 
AdaptiveCards 2.7.2 https://github.com/Microsoft/AdaptiveCards MICROSOFT SOFTWARE LICENSE TERMS 
AdaptiveCards.Templating 1.1.0 https://github.com/Microsoft/AdaptiveCards MICROSOFT SOFTWARE LICENSE TERMS 
Azure.Storage.Blobs 12.9.1 https://github.com/Azure/azure-sdk-for-net MIT 
Azure.Storage.Queues 12.7.0 https://github.com/Azure/azure-sdk-for-net MIT 
Log4net.AzureLogAnalytics 1.3.1 https://github.com/Microsoft/ApplicationInsights-dotnet MIT 
Microsoft.ApplicationInsights.AspNetCore 2.17.0 https://github.com/Microsoft/ApplicationInsights-dotnet MIT 
Microsoft.ApplicationInsights.Log4NetAppender 2.17.0 https://github.com/Microsoft/ApplicationInsights-dotnet MIT 
Microsoft.AspNet.WebApi.Core 5.2.7 https://github.com/aspnet/AspNetWebStack  MICROSOFT SOFTWARE LICENSE TERMS 
Microsoft.AspNet.WebPages 3.2.7 https://github.com/aspnet/AspNetWebStack MICROSOFT SOFTWARE LICENSE TERMS 
Microsoft.AspNetCore.AzureAppServices.HostingStartup 3.1.28 https://github.com/dotnet/aspnetcore MIT 
Microsoft.AspNetCore.Cors 2.2.0 https://github.com/aspnet/CORS Apache-2.0 
Microsoft.AspNetCore.SpaServices.Extensions 3.1.8 https://github.com/dotnet/aspnetcore MIT 
Microsoft.Azure.WebJobs.Extensions 3.0.6 https://github.com/Azure/azure-webjobs-sdk-extensions MICROSOFT SOFTWARE LICENSE TERMS 
Microsoft.Bot.Builder 4.16.1 https://github.com/Microsoft/botbuilder-dotnet MIT 
Microsoft.Bot.Builder.Integration.AspNet.Core 4.14.1 https://github.com/Microsoft/botbuilder-dotnet MIT 
Microsoft.Bot.Connector 4.16.1 https://github.com/Microsoft/botbuilder-dotnet MIT 
Microsoft.Bot.Connector.Teams 0.10.0 https://github.com/OfficeDev/BotBuilder-MicrosoftTeams-dotnet MIT 
Microsoft.Bot.Schema 4.16.1 https://github.com/Microsoft/botbuilder-dotnet MIT 
Microsoft.EntityFrameworkCore 5.0.7 https://github.com/dotnet/efcore MIT 
Microsoft.EntityFrameworkCore.Design 5.0.7 https://github.com/dotnet/efcore MIT 
Microsoft.EntityFrameworkCore.InMemory 5.0.7 https://github.com/dotnet/efcore MIT 
Microsoft.EntityFrameworkCore.Sqlite 5.0.7 https://github.com/dotnet/efcore MIT 
Microsoft.EntityFrameworkCore.SqlServer 5.0.7 https://github.com/dotnet/efcore MIT 
Microsoft.EntityFrameworkCore.Tools 5.0.7 https://github.com/dotnet/efcore MIT 
Microsoft.Extensions.Logging.Log4Net.AspNetCore 3.1.5 https://github.com/huorswords/Microsoft.Extensions.Logging.Log4Net.AspNetCore Apache-2.0 
Microsoft.Graph.Beta 0.35.0-preview https://github.com/microsoftgraph/msgraph-beta-sdk-dotnet MIT 
Microsoft.Web.WebJobs.Publish 2.0.0 https://dot.net/ MICROSOFT SOFTWARE LICENSE TERMS 
SendGrid 9.24.0 https://github.com/sendgrid/sendgrid-csharp.git MIT 
Solutions2Share.Modules.Logger 1.3.0   
System.Drawing.Common 5.0.2 https://github.com/dotnet/runtime MIT 
System.Net.Http 4.3.4 https://dot.net/ MICROSOFT SOFTWARE LICENSE TERMS 
log4net 2.0.12 https://github.com/apache/logging-log4net Apache-2.0 
Microsoft.Identity.Client 4.45.0 https://github.com/AzureAD/microsoft-authentication-library-for-dotnet MIT 
Microsoft.Extensions.Configuration.UserSecrets 3.1.8 https://github.com/dotnet/runtime MIT 
Microsoft.Graph.Core 1.25.1 https://developer.microsoft.com/graph MIT 
System.IdentityModel.Tokens.Jwt 6.21.0 https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet MIT 

Was this helpful?

16 Yes  No

Didn't find your answer? Contact Us

Previously
Teams Manager
Up Next
MindMap
  • Privacy Policy
  • Imprint
  • Copyright 2023 Solutions2Share GmbH. All Rights Reserved.

Popular Search:Teams Manager, External User Manager