PeopleHR Ideas Portal
The current setup for authenticating the holiday sync service into O365 doesn't allow for least privileged access. It requires EWS "full_access_as_app" which grants PHR/HSS full control to all my staffs emails. Please can you review this and improve it by making it so that calendar sync for holiday bookings can occur whilst only requiring Graph API Calendar Read.Write. As this is the only permission that's required.
| Describe the Challenge | This would then fit into our security model and allow us to use this feature. It's also industry best practice and should be the default option. |
