Skip to main content
Peach requires several Microsoft Graph permissions to authenticate users, discover shared mailboxes, and send and receive email.

Why permissions are required

Peach operates using shared inboxes commonly used by financial aid offices. These permissions allow Peach to:
  • Authenticate staff members
  • Discover shared mailboxes
  • Read incoming student emails
  • Send responses from approved mailboxes
  • Synchronize mailbox activity
Peach only accesses mailboxes that your organization explicitly authorizes.

Required permissions

PermissionTypePurpose
Mail.ReadWriteApplicationRead emails and update message status
Mail.SendApplicationSend emails from approved shared mailboxes
MailboxSettings.ReadApplicationIdentify available shared mailboxes
User.ReadDelegatedAuthenticate users
User.Read.AllApplicationRetrieve mailbox and user information during setup

Permission details

Mail.ReadWrite

Allows Peach to:
  • Import emails into Tickets
  • Mark messages as read
  • Synchronize mailbox status
Without this permission, Peach cannot display student emails inside the platform.

Mail.Send

Allows Peach to:
  • Send responses from shared mailboxes
  • Deliver AI-assisted drafts
  • Send messages directly from Tickets
This permission does not give Peach permission to send from arbitrary mailboxes. Access is controlled by your Microsoft configuration.

MailboxSettings.Read

Allows Peach to identify which shared mailboxes are available for connection. This improves onboarding and mailbox selection.

User.Read

Allows users to authenticate with Microsoft 365. Peach uses Microsoft authentication rather than requiring separate passwords.

User.Read.All

Allows Peach to retrieve mailbox information necessary during onboarding. This permission is used to help identify available shared mailboxes.

Security considerations

Some Microsoft tenants apply additional restrictions to emails sent by applications.
In certain environments, outbound messages may generate a Non-Delivery Report (NDR) until Microsoft mail flow policies are updated. If outbound email delivery fails, see the Troubleshooting guide.

Need help?

Experiencing issues with your Microsoft integration? Visit the Troubleshooting guide for solutions to common setup, mailbox, and email delivery issues.