# Teams MCP - Permissions
All permissions are Delegated (not Application), meaning they act on behalf of the signed-in user and can only access data that user has access to.
## Permission Summary

| Permission | Type | ID | Admin Consent | Required |
|---|---|---|---|---|
| User.Read | Delegated | | No | Yes |
| Calendars.Read | Delegated | | No | Yes |
| OnlineMeetings.Read | Delegated | | No | Yes |
| OnlineMeetingRecording.Read.All | Delegated | | Yes | Yes |
| OnlineMeetingTranscript.Read.All | Delegated | | Yes | Yes |
| offline_access | Delegated | | No | Yes |
## Understanding Consent Requirements

This is standard Microsoft behavior, not Teams MCP specific. All Microsoft 365 apps use the same consent model.

### Standard Microsoft Consent Process

1. Admin adds the app and grants admin-required permissions
   - Organization-wide OR per-user
   - For Teams MCP: `OnlineMeetingRecording.Read.All` and `OnlineMeetingTranscript.Read.All` require admin consent
2. Admin approval workflow (if the tenant has it enabled)
   - Users request admin approval
   - Admin approves the app for that user
   - This is in addition to Step 1
3. User consent (always required for delegated permissions)
   - Each user must consent individually
   - Required even after admin consent (Microsoft's requirement for delegated permissions)

Microsoft Documentation:

- User and admin consent overview - Standard Microsoft consent flows
- Grant admin consent - Step-by-step guide
- Admin consent workflow - Per-user approval process
## Least-Privilege Justification

Each permission is the minimum required for its function. No narrower alternatives exist.

### User.Read

| Aspect | Detail |
|---|---|
| Purpose | Retrieve the signed-in user's profile (ID, email, display name) |
| Used For | Identifying the user when storing tokens and creating subscriptions |
| Why Not Less | This is the minimum permission to read any user data |
| Why Not a Broader Scope | A broader user-read permission reads other users' profiles; we only need the signed-in user |

### Calendars.Read

| Aspect | Detail |
|---|---|
| Purpose | Read the user's calendar events |
| Used For | Determining if a meeting is recurring by querying the calendar event associated with an online meeting |
| Why Not Less | No narrower permission exists for reading calendar events |
| Why Not ReadWrite | We don't create or modify calendar events, only read them |

### OnlineMeetings.Read

| Aspect | Detail |
|---|---|
| Purpose | Read meeting metadata (subject, start/end time, participants) |
| Used For | Fetching meeting details when a transcript notification arrives |
| Why Not Less | No narrower permission exists for reading meeting data |
| Why Not ReadWrite | We don't create or modify meetings, only read them |

### OnlineMeetingRecording.Read.All

| Aspect | Detail |
|---|---|
| Purpose | Read recordings from all meetings the user can access |
| Used For | Downloading MP4 recording files to store alongside transcripts |
| Why Not Less | No per-meeting recording permission exists |
| Why Not Application Permission | Would require a tenant admin to create Application Access Policies per user; impractical for self-service MCP connections |
| Admin Consent | Required because recordings contain audio/video of meetings |

### OnlineMeetingTranscript.Read.All

| Aspect | Detail |
|---|---|
| Purpose | Read transcripts from all meetings the user can access |
| Used For | Downloading VTT transcript content for ingestion |
| Why Not Less | No per-meeting transcript permission exists |
| Why Not Application Permission | Would require a tenant admin to create Application Access Policies per user; impractical for self-service MCP connections |
| Admin Consent | Required because transcripts may contain sensitive meeting content |

### offline_access

| Aspect | Detail |
|---|---|
| Purpose | Obtain refresh tokens for long-lived sessions |
| Used For | Refreshing expired access tokens without user re-authentication |
| Why Required | Without this, users would need to re-authenticate every ~1 hour when access tokens expire |
## Why Delegated (Not Application) Permissions

| Factor | Delegated | Application |
|---|---|---|
| User involvement | User signs in and consents | No user; admin pre-configures |
| Data access scope | Only the signed-in user's data | All users' data in tenant |
| Setup requirement | None (self-service) | Admin creates Access Policies |
| Least privilege | Yes - user controls their own data | No - broad tenant access |

The MCP model requires self-service user connections where each user:

- Connects their own account
- Controls what data they share
- Can disconnect at any time

Application permissions would require tenant administrators to pre-configure access for each user, defeating the self-service model.
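One way to keep the delegated scope set honest at runtime is to compare what a token actually carries against the declared least-privilege set above, so that a missing admin-consent permission (a user who has not yet gone through the admin approval workflow) or an unexpected broader scope is flagged before any Graph call is made. The script below is an added example, not code from the Teams MCP project: the declared scope table is taken from this page, while the function names, the constructed sample tokens and the convention that `offline_access` is evidenced by a refresh token in the token response rather than by the `scp` claim are assumptions.

```python
"""Least-privilege scope audit for a delegated Microsoft Graph app.

Added illustration, not part of the Teams MCP project. DECLARED_SCOPES
mirrors the permission tables on this page; everything else is assumed.
"""
import base64
import json

# Declared delegated permissions -> whether admin consent is required
# (values taken from the page's permission summary).
DECLARED_SCOPES = {
    "User.Read": False,
    "Calendars.Read": False,
    "OnlineMeetings.Read": False,
    "OnlineMeetingRecording.Read.All": True,
    "OnlineMeetingTranscript.Read.All": True,
    "offline_access": False,
}


def build_scope_parameter() -> str:
    """Space-separated `scope` value to send in the authorize/token request."""
    return " ".join(DECLARED_SCOPES)


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_token_scopes(access_token: str) -> set:
    """Return the scopes listed in the `scp` claim of a compact JWT.

    Only the payload is decoded; the signature is NOT verified here. Use this
    to inspect a token your own app just received from the token endpoint,
    not to authorize incoming requests.
    """
    parts = access_token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a three-part compact JWT")
    payload = json.loads(_b64url_decode(parts[1]))
    return set(payload.get("scp", "").split())


def audit_granted_scopes(granted: set, has_refresh_token: bool) -> dict:
    """Compare granted scopes with the declared least-privilege set.

    Assumption: offline_access does not appear in `scp`; it is treated as
    granted when the token response included a refresh token.
    """
    effective = set(granted)
    if has_refresh_token:
        effective.add("offline_access")
    declared = set(DECLARED_SCOPES)
    missing = declared - effective
    unexpected = effective - declared
    return {
        "missing": missing,
        "unexpected": unexpected,
        # Missing scopes that need admin consent cannot be fixed by the user
        # re-consenting; an admin has to grant them (Step 1 / Step 2 above).
        "admin_consent_pending": {s for s in missing if DECLARED_SCOPES[s]},
        "least_privilege_ok": not missing and not unexpected,
    }


def make_sample_token(scp: str) -> str:
    """Build a CONSTRUCTED, unsigned sample token for offline testing only."""
    header = _b64url_encode(b'{"alg":"RS256","typ":"JWT"}')
    claims = {"aud": "https://graph.microsoft.com", "scp": scp}
    payload = _b64url_encode(json.dumps(claims).encode())
    return f"{header}.{payload}.signature-not-checked"


if __name__ == "__main__":
    # Constructed token for a user whose admin has not yet consented to the
    # two Read.All permissions.
    partial = make_sample_token("User.Read Calendars.Read OnlineMeetings.Read")
    report = audit_granted_scopes(decode_token_scopes(partial), has_refresh_token=True)
    print("requesting:", build_scope_parameter())
    print("missing:", sorted(report["missing"]))
    print("admin consent pending:", sorted(report["admin_consent_pending"]))
```

Running the audit right after the token exchange gives the connection flow a precise failure message ("admin consent pending for OnlineMeetingTranscript.Read.All") instead of a later 403 from Graph, and the `unexpected` set catches a misconfigured app registration that has started requesting a write or tenant-wide scope the documentation does not justify.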
## Permission Reference Links

- Microsoft Graph Permissions Reference - Official Microsoft documentation
- Calendars.Read - Third-party permission explorer
- OnlineMeetingRecording.Read.All - Third-party permission explorer
- OnlineMeetingTranscript.Read.All - Third-party permission explorer
- Microsoft Graph API - Graph API overview

## Related Documentation

- Architecture - System components and infrastructure
- Security - Encryption, PKCE, and threat model
- Flows - User connection, subscription lifecycle, transcript processing