Microsoft Teams scopes for Mio for internal teams
We never ask for more than the bare minimum scopes necessary
Jennifer Jin avatar
Written by Jennifer Jin
Updated over a week ago

Mio is making cross platform communication between teams a reality. In doing so, protecting the integrity and security of your data is of paramount importance to us.

Mio securely integrates with your messaging platforms and never stores messages or files. Download our security white paper in our security center for more details.

We never require more permissions than necessary to make Mio function as intended.

Application scopes requested by Mio for Connect Platforms



Use case


Read all app catalogs

Allows Mio to check if the application is installed in the app catalog.


Read the names and descriptions of all channels

Allows Mio to import all the channels from selected Teams.


Create channels

Allows Mio to create channels in selected Teams.


Read all channel messages

Allows Mio to read all connected channel messages .


Read all chat messages

Allows Mio to read all connected DM and group chat messages.


Add and remove members from all chats

Allows Mio to add new members to an existing DM or group chat.


Create chats

Allows Mio to create new DM's and group chats.


Read items in all site collections and upload files

Allows Mio to fetch files and upload in channels


Read all group memberships

Allows Mio to read group membership to keep channel membership rosters up to date.


Get a list of all teams

Allows Mio to show all the Teams when connecting the platform so the user can select which teams they would like to import.


Read and write all group memberships

Allows Mio to add new members to the selected Team.


Create teams

Allows Mio to create new Teams (Groups).


Read organization information

Allows Mio to read your organization details to set up the account.


Read and write all users' full profiles

Allows Mio to read basic information (email, name and avatar) about users in selected Teams.


Manage Teams apps for all users

Allows Mio to install the app to a user so that Mio can send messages (prompts) to the user.


Read and write all groups

Allows Mio to create a subscription to group changes


Manage Teams apps for all teams

Allows Mio to install/uninstall the app from Teams


Allow Mio to list the members of a channel and add new members

Delegated scopes requested by Mio for User Sync



Use case


Read and write user chat messages

Allows Mio to send/edit and soft delete messages as the signed in user in DM's and group chats.


Send channel messages

Allows Mio to send messages as the signed in user in channels.


Read and write user channel messages

Allows Mio to edit and soft delete messages in channels.


Read the names and descriptions of teams

Allows Mio to get a list of joined Teams for the signed in user.


Have full access to user files

Allows Mio to upload a file on behalf of the signed in user and send an invitation to another user.


Sign in and read user profile

Allows Mio to access the signed in users profile for identification purposes.


Maintain access to data you have given it access to

Allows Mio to keep the access token refreshed after successful authentication

Frequently asked questions

Why does Mio need User.ReadWrite.All?

To enable cross platform direct messaging, Mio syncs a user's primary account with their secondary account. For example, Dave uses Webex and even though he has an account on Microsoft Teams he doesn't use. Mio will sync Dave's Webex account to his Microsoft Teams account and whenever he posts a message on Slack, Mio will post an exact copy of that message in Microsoft Teams using his Microsoft Teams account.

If Dave ever updates his avatar or wants to update his display name to David, Mio will use the User.ReadWrite.All scope to update his account in Microsoft Teams.

Why does Mio need to read all files that I have access to?

When a file is uploaded in Microsoft Teams it's stored in shared Sharepoint folders. The Mio app needs to access these specific Sharepoint files in order to successfully send the file to Slack and Webex.

At this time, this permission is the least privileged scope that Microsoft offers.

If you have any questions regarding security for Mio, please reach out to our team via the chat bot in the bottom right corner of your page.

Did this answer your question?