Difference Between Manage App Permission/SharePoint Apps Permission/Integrated Apps In Office 365 Tenant

Introduction

The purpose of this document is to provide an explanation about the below topics.

  • Managed App Permission (Security & Compliance)
  • Sharepoint App Permission (Sharepoint Admin Center)
  • Integrated Apps (Settings à Service Add-ins)


Manage Permission (Security & Compliance)

SharePoint Apps

Integrated Apps

Description

The Manage app permissions page displays information about app permissions in your Office 365 tenant.

In this page, you can see the list of app names which are installed in your tenant, with some additional details like permission, number of users using the app.

Users can install custom apps and third party apps in their Sharepoint tenant that depend on user requirement.

Before developing any custom app or third party app, the developer should set the permission and scope for that app. If the developer did not set the permission and scope, then the scope is automatically set to Site level with read permission.

When Integrated App is turned on, users in your organization can allow third-party apps to access their Office 365 information. For example, when someone uses a third-party app, that app might ask for permission to access their calendar and to edit files that are in a OneDrive folder.

Located in Admin Center

To access the App permissions page, in the Security & Compliance Center, choose DLP, then App permissions.

On the App permissions page, choose Go to Advanced Security Management.

SharePoint Admin Center >> Apps >> App Permissions

Turning Integrated Apps on or off

Go to Settings >> Services & Add-ins >> Integrated Apps

When user can see the apps in respective pages

There are two ways in which we can install the apps in O365.

1) From the Azure Marketplace.

2) From Cloud SAAS solutions using AstraZeneca’s account.

Note: -

If the app has been installed from Azure Marketplace, the admin can deploy and configure the app. Based on that permission, the app may/may not get displayed in O365 app permission page.

If the app is installed from Cloud SAAS solution, then they get displayed in O365 app permission page.

Tenant Scope

SharePoint administrator can see the app which is installed with tenant scope and read/write/full permission in the Sharepoint Admin Center App permission page.

Site Scope

If the app has the site collection scope, that means the apps are listed in Site settings >> Site app permission page. And also, we can see the list of apps which has the list and web level scope in same site setting page.


Use of the Feature

Many third party productivity apps that might be downloaded by business users in an organization, sometimes use information from Office 365. This can potentially be a security risk to your organization. App permissions give you the visibility and control you need over these applications. App permissions show you which user-installed applications have access to Office 365 data, what permissions the apps have, and which users granted these apps access to their Office 365 accounts. App permissions help you decide which apps you allow your users access to, and which ones you want to ban.