Sharing access to Microsoft 365 items

Last changed: Oct 29, 2020


Table of Contents

 


Introduction

Shared access is a technology that is used in various yasoon applications. It allows you to share Microsoft 365 entities like emails, conversations, chats or calendars with other Jira or Confluence users. You are basically giving them a very narrow access to certain information on your behalf.


Supported apps

Token sharing is currently only available for Atlassian Cloud products and will only work with Microsoft 365 (Office 365)

Token sharing is currently supported in the apps Outlook Email for Jira, Outlook Calendars for Confluence and Microsoft Teams for Jira.


Security

Security is our top priority when sharing access to entities. Whenever a user shares something with other users, a permission entry, along with a reference to the users authentication tokens is stored in our encrypted database.

When a user requests access to a shared entity like an email, the request is validated based on the permissions configured. When this user is granted access, our server calls the corresponding Microsoft resource on behalf of the user that shared the item. As all the data handling is done via our servers, no direct access is granted to any un-privileged user.

Whenever the user that shared the entity logs out of the app, other users no longer have access to the shared resources. If the user renews their login, access to the shared entity will be restored.


Microsoft 365 entities

The following Office objects can be shared within the apps.

Mail

Allows access to an individual email.

Conversation

Allows access to an individual email conversation, including following new emails.

Calendar

Allows access to an Outlook calendar and all events in the calendar.

Calendar

Allows read-only access to a Microsoft Teams chat.


Permission Types

Each Office item can be shared with a specific permission scope. The app currently provides the following sharing permissions.

Private

Only allows access to the Office item to the person who shared it.

Validated by the Microsoft login.

Azure Tenant

Office Items can also be shared with users in the same Azure tenant. This provides the possibility for users to see Office item that are not in their own mailbox.

Validated by the Microsoft login.

Atlassian Cloud

Gives every logged in Atlassian user access to the shared Office item.

Validated by the Atlassian JWT-Token

Public

Gives every user access to the shared Office item even if they are not logged in with Atlassian.

Validated by the Atlassian JWT-Token