email
Ability to view the logged-in user's email address, so that when feedback is submitted, we can attribute it to the sender.
openid
A basic permission to allow the user to sign in.
profile
Ability to view the sender name, so that when feedback is submitted, we can attribute it to the sender.
User.Read
Required to log in as the user, so that the user stays logged in and is not constantly asked for a password.
Mail.ReadWrite
The granted permissions allow the add-in to insert the survey into an email message.
We also use this permission to monitor the Sent Items folder of a mailbox, so that when an email is sent, we can check whether a survey exists within the latest message.
If the survey does exist, then the message recipients, sender name and email address are sent to Customer Thermometer via an internal API.
If the survey does not exist, then no message details are sent to Customer Thermometer.
These permissions are the most limited scopes that Microsoft provides. We constantly review the Microsoft Graph API, which the add-in uses to communicate; however, this is a limitation of what Microsoft provides.
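For administrators who want to confirm that the consent recorded in their tenant matches the five scopes listed above, the following check compares delegated grants against that list. It is an added example, not code from the add-in or from Customer Thermometer; the field names follow Microsoft Graph's oauth2PermissionGrant resource, and the IDs and sample grants are constructed.

```python
# Added example: audit delegated grants against the scopes documented above.
# Field names follow Microsoft Graph's oauth2PermissionGrant resource;
# all IDs and the sample grants are constructed for illustration.

DOCUMENTED = {"email", "openid", "profile", "User.Read", "Mail.ReadWrite"}
_CANON = {s.lower(): s for s in DOCUMENTED}


def parse_scopes(scope_string):
    """Split the space-separated 'scope' value; it can carry leading or
    repeated spaces, so split() without arguments is used."""
    return set((scope_string or "").split())


def audit_grants(grants, client_id):
    """Return one finding per grant issued to the service principal client_id."""
    findings = []
    for g in grants:
        if g.get("clientId") != client_id:
            continue  # grant belongs to a different application
        granted = parse_scopes(g.get("scope"))
        # Assumption: compare case-insensitively, report documented spelling.
        known = {_CANON[s.lower()] for s in granted if s.lower() in _CANON}
        extra = sorted(s for s in granted if s.lower() not in _CANON)
        findings.append({
            "grant_id": g.get("id"),
            "tenant_wide": g.get("consentType") == "AllPrincipals",
            "principal": g.get("principalId"),
            "undocumented": extra,
            "not_granted": sorted(DOCUMENTED - known),
            "mailbox_access": "Mail.ReadWrite" in known,
        })
    return findings


SAMPLE_GRANTS = [  # constructed
    {"id": "grant-1", "clientId": "sp-addin", "consentType": "Principal",
     "principalId": "user-42", "resourceId": "sp-graph",
     "scope": " email openid profile User.Read Mail.ReadWrite"},
    {"id": "grant-2", "clientId": "sp-addin", "consentType": "AllPrincipals",
     "principalId": None, "resourceId": "sp-graph",
     "scope": "openid profile user.read Mail.ReadWrite Files.Read.All"},
    {"id": "grant-3", "clientId": "sp-other", "consentType": "AllPrincipals",
     "principalId": None, "resourceId": "sp-graph", "scope": "User.Read"},
]

if __name__ == "__main__":
    for f in audit_grants(SAMPLE_GRANTS, "sp-addin"):
        print(f)
```

A non-empty "undocumented" list, or "tenant_wide" set where only per-user consent was expected, is the cue to review the grant.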