edison365 Technical Product Description

Overview of the edison365 application

Table of Contents

  1. Overview
  2. Architecture Overview
  3. Pre-requisite Requirements

Overview

edison365 is a Software-as-a-Service (SaaS) applicated hosted in Azure. The application is built in house and maintained by the edison365 team.

Back to Top

Architecture Overview

The application is hosted in the Microsoft Azure platform using Platform-as-a-Service (PaaS) components. The service is globally distributed to ensure regional performance and high availability. The application is built around Azure AD as the authentication provider, users authenticate into the edison365 application using their Azure AD accounts that are maintained by their organization. As the authentication is managed by the customer's Azure AD, any conditional access policies such as MFA will be honoured. 

The application will make use of Microsoft 365 services such as user profile details, working times and Microsoft Teams presence, this is provided via the Microsoft Graph API. 

Back to Top

Pre-requisite Requirements

As a true SaaS application, there are no requirements for customers to host or install any part of the service. The only requirement for the customer is to consent to the edison365 Azure AD application so that the application has the required access to the Microsoft 365 Graph API services for your Microsoft 365 tenant. The API permissions edison365 requires for full functionality are listed below, these are the Delegated permission Type:

  • Create chats
    • Allows the app to create chats on behalf of the signed-in user.
  • Read and write user chat messages
    • Allows an app to read and write 1 on 1 or group chats threads, on behalf of the signed-in user.
  • Send user chat messages
    • Allows an app to send one-to-one and group chat messages in Microsoft Teams, on behalf of the signed-in user.
  • Read all groups
    • Allows the app to list groups, and to read their properties and all group memberships on behalf of the signed-in user. Also allows the app to read calendar, conversations, files, and other group content for all groups the signed-in user can access.
  • Read group memberships
    • Allows the app to list groups, read basic group properties and read membership of all groups the signed-in user has access to.
  • Read user mailbox settings
    • Allows the app to the read user's mailbox settings. Does not include permission to send mail.
  • Maintain access to data you have given it access to
    • Allows the app to see and update the data you gave it access to, even when users are not currently using the app. This does not give the app any additional permissions.
  • Read users' relevant people lists
    • Allows the app to read a ranked list of relevant people of the signed-in user. The list includes local contacts, contacts from social networking, your organization's directory, and people from recent communications (such as email and Skype).
  • Read presence information of all users in your organization
    • Allows the app to read presence information of all users in the directory on behalf of the signed-in user. Presence information includes activity, availability, status note, calendar out-of-office message, timezone and location.
  • Sign in and read user profile
    • Allows users to sign-in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.
  • Read all users' full profiles
    • Allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.
  • Read all users' basic profiles
    • Allows the app to read a basic set of profile properties of other users in your organization on behalf of the signed-in user. This includes display name, first and last name, email address and photo.
     

      As new features are added to the application, this list of permissions may change in future releases. 

      Back to Top