Enabling Littlebird for Your Microsoft 365 Tenant
Littlebird connects to Microsoft 365 (Outlook mail and calendar) through the Microsoft Graph API. This article explains how to enable it across your organization while our Microsoft Store listing is in progress, and exactly what access Littlebird requests.
Microsoft Store listing status
We've already kicked off the process to get Littlebird listed on the Microsoft Store. That said, it's a pretty lengthy approval process on Microsoft's end, and we don't have an exact timeline for when it'll go through.
The quick workaround (admin consent)
In the meantime, there's a quick workaround. Your IT admin just needs to open this URL while logged in as a Global Admin on your tenant:
https://login.microsoftonline.com/common/adminconsent?client_id=ce10f26e-efc7-41e0-9e0e-fdf552ef025f
That will add Littlebird to your Enterprise Applications and grant org-wide admin consent in one click. No waiting on Microsoft.
What access we're requesting
If you need more detail on what we're requesting access-wise, here's the breakdown. Littlebird uses 16 delegated permissions via the Microsoft Graph API:
Permission | What it's for |
|---|---|
Calendars.Read | Read user's calendar |
Calendars.Read.Shared | Read shared calendars |
Calendars.ReadBasic | Read basic calendar details |
Calendars.ReadWrite | Read/write user's calendar |
Contacts.Read | Read user's contacts |
Contacts.Read.Shared | Read shared contacts |
Mail.Read | Read user's emails |
Mail.Read.Shared | Read shared mailboxes |
Mail.ReadBasic | Read basic email info |
Mail.ReadBasic.Shared | Read basic shared mail |
Mail.Send | Send email as the user |
MailboxSettings.Read | Read mailbox settings |
offline_access | Maintain access via refresh token |
User.Read | Sign in and read user profile |
View user's email address | |
profile | View basic profile |
Delegated permissions only
All of these are 100% delegated permissions - we use zero application permissions. Per Microsoft's own documentation, delegated permissions mean the app acts on behalf of the signed-in user and can only access what that specific user can access.
Related Microsoft documentation
Grant tenant-wide admin consent to an application - what the admin consent link above does, and how to do the same from the Entra admin center if you'd rather not use the direct URL.
Configure how users consent to applications - relevant only if you'd prefer to let individual users consent for themselves instead of granting org-wide consent.