|Available for||Roles||Super Admin
Users need Office 365 administrator permission to configure the authorization method
|Permissions||• Manage company settings|
|Packages||Lever Basic, LeverTRM, LeverTRM for Enterprise|
||This integration is only available to teams that are entirely based on Office 365 and are not using any on-premise Exchange servers. If you are not sure about your company’s configuration, please ask a member of your IT team to reach out to our Support team. This integration is not compatible with Office 365 GCC High at this time.|
Lever's Office 365 integration overlaps with the ways in which you work in Lever such as login, email, and scheduling. In this article, you will learn how you can configure the authentication method by which can grant Lever permission to sync users' email, calendar, and/or contacts with Office 365.
Account syncing between Lever and Office 365 is an opt-in feature and Lever will only sync if consent has been provided. Lever uses an authentication standard known as OAuth. By adhering to this standard, Lever does not receive or store your users' Office 365 credentials. To learn more, refer to Microsoft's help article on OAuth.
There are two options for authorization with Lever’s Office 365 integration:
- Users individually authorize Lever (recommended)
Enables users to choose to sync their email, calendar, and/or contacts.
- Office 365 administrator configured
Require Office 365 administrator to grant consent and select permissions for all users.
By default your Lever instance will be set to option 1, "Users individually authorize Lever." Users will choose to sync their email, calendar, and/or contacts.
Configuring the Office 365 authorization method
Users with Office 365 administrator permission and Super Admin access in Lever can configure the authorization method.
- Navigate to Settings > Company
- Navigate to the Permissions for Email/Calendar integration section
By default your Lever instance will be set to "Users individually authorize Lever." This means that users in your Lever instance will each choose to sync their own email, calendar, and/or contacts.
The second authorization method is Office 365 administrator configured. This means that the Office 365 administrator will grant consent and select permissions for all Lever users:
- Select "Office 365 administrator configured"
- In the configuration modal, check the box confirming you are an administrator for your company's Office 365 account
- In the Office 365 permissions section, check the boxes Calendar, Contacts, and Email boxes for the permissions you wish to enable, including Full or Limited email sync
- Click the blue Go to 0365 Auth button
Only an Office 365 administrator will have the ability to accept the email and calendar permissions required in the following steps.
- In the Office 365 sign in page, enter your Office 365 administrator credentials
- Review the list of permissions requested and click the Accept button
After accepting, you will be taken back to the Settings > Company page in Lever where you will see the the Office 365 administrator configured authorization option is selected.
Other users in your Lever instance must now re-authenticate using Microsoft SSO to use the Microsoft Email and Calendar integration as newly configured.
Authorization method effects
Users individually authorize Lever
If you have decided to let your organization's Lever users to individually authorize Lever and select which permissions they consent to, you must ensure that the 'Users can consent to apps accessing company data on their behalf' setting in the User settings section of your Azure Administrator Portal (pictured below) is set to 'Yes.'
After logging into Lever, users will be able to grant access to the permissions of their choosing in Settings > My account.
Users also retain the ability to revoke any of the permissions they have granted at any time. To learn more, refer to our help article on configuring personal account settings.
Office 365 administrator configured
Configuring the option to require authorization from your organization's Office 365 administrator means that when one of the users in your Lever environment logs in, Lever will be automatically granted access to the permissions for which their Office 365 administrator has given consent. Upon logging in, users will not be prompted to grant Lever access to these permissions, and they will not have the ability to grant or revoke access to these permissions from their personal account settings.