What are the Authentication types used in Microsoft Office 365 scope activity and share comparison of Attended vs. Unattended authentication types in Microsoft Office 365 scope activity?
Authentication Types |
As an User |
As an Application (run as background service) |
Attended |
Unattended |
Unattended (MFA enabled) |
Details |
Application ID & Certificate |
X |
X |
X |
Available starting with version 1.9.0. Very similar with Application Id and Secret, the only difference being the usage of a certificate as a secret instead of a client secret string. |
||
Application ID & Secret |
X |
X |
X |
Scope to specific mailboxes When using this authentication type, the application has access to all mailboxes from your tenant! That's because application API permission Mail.Read represents "Read mail in all mailboxes" and Mail.ReadWrite means "Read and write mail in all mailboxes". It is possible to scope application permissions to specific mailboxes, so the application has access only to the specified mailboxes: Scoping application permissions to specific Exchange Online mailboxes Scope to specific sites Use Sites.Selected application permission to allow the application access to just specific SharePoint site collections rather than all. See How to Use Microsoft Sharepoint Sites - Selected Application In Azure AD |
||
Integrated Windows Authentication (IWA) |
X |
X |
|
|||
Interactive Token |
X |
X |
You have the option to register and use your own Azure AD app (i.e., OAuthApplication = Custom) or the one provided by UiPath (OAuthApplication = UiPath) |
|||
Username & Password |
X |
X |
|
Few references:
- Details about the available authentication types: Microsoft Office 365 Scope
- How to register your custom application in Azure AD and set Graph API permissions: Office 365 Setup
- The list with Graph API calls from O365 activities: Technical References
- Using UiPathStudioO365App for InteractiveToken (i.e.
OAuthApplication = UiPath
)