What is Thread? A Beginner's Guide

Setting Up Your Thread Workspace

Configure Status Mapping in Thread

Pod Configuration in ConnectWise PSA

How to use Thread Pods in ConnectWise PSA

How to Setup ConnectWise PSA Ticketing Integration

Connectwise Permissions Overview

How to Setup Autotask Ticketing Integration

How to Enable Chat and Timepad Insights in Autotask

Setting up an Email Communication Workflow in Autotask

How to Setup HaloPSA Ticketing Integration

Action Mapping Configuration with Thread

Exploring Your Response Options in Halo

Frequently Asked Questions (FAQ)

Auvik

CloudRadial

ConnectWise Automate

ITGlue

TimeZest

Configuring Auto Prioritization

Configuring Auto Categorization

Configuring Ticket Type Categorization

Magic Recap Template Library

Getting Started with Magic Recap

Configuring Magic Title

Magic Title Rule Creation Guide

Flows and Views for Sentiment

Configure Magic Sentiment

Setting up Triage Agent

Introducing Your Service Catalog

Create Your First Intents with Triage Agents

Trigger Powerful Automations with Magic Agents

Intent Creation Assistance

Automate Approvals with Magic Agents

Creating a Workflow to Track Magic Agent Activity

Automating Knowledgebase Search with Triage Agent

Setting Up Email Support for Magic Agents and Inbox

Getting Started with Triage Agent

Getting Started with Voice AI

How to Set Up and Configure a Voice AI Agent

Contact Mapping

Configure Reminder Agent

Contact Intelligence Overview

Contact Intelligence FAQ

Configure and Personalize Messenger

Create Your Custom Chat App

Deploy and Test Your Custom Chat App

Deploying Messenger

What is the Teams Service App for Customers?

Design a Custom Teams App for Your Customers

How to Deploy the Teams Service App

Embedding CloudRadial in Your Teams App

Cloning a Legacy Teams App

How to Roll Out the Teams Service App to Specific Users

Microsoft Teams 2.0 FAQs

Microsoft Teams App Permissions

How Do I Upload a Teams App Banner?

How to Uninstall the Microsoft Teams Service App

How to Test the Slack Service App in a Sandbox Environment

How to Deploy the Slack Service App to a Customer

Deploying Messenger to Mac

Windows Deploying Messenger via Command Line

How to Deploy Desktop Messenger with SSO

Embedding the Messenger "Chat Bubble" on Your Website

Messenger Portal Auto Authentication

Embedding Messenger on a Landing Page

Standard Chat vs. Chat with SLAs: What's the difference?

How to Override Messenger Branding and Configuration for a Customer

How Configurations and Assets Work in Messenger Chat

Messenger Internationalization (English & French)

Allow New Contacts to Open Chats in Messenger

How to Set Up Support Business Hours in Messenger

Access All Tickets in Messenger (formerly "Proactive Messages")

How to Disable a Client's Messenger Access

How Do Customers Use Messenger Chat?

Where Can I Find My Thread App ID?

How to Add a "Chat Now" Button to Ticket Email Notifications in Your PSA

Create Your First Views

How to Setup Single Sign-on (SSO)

What are Views and Insights?

Avatars

Inbox: Getting Started

Inside Views

Navigating a Thread

Thread Control Panel

Notifications

How to Set Up an On-Call Member to Be Assigned

Creating a Flow to Send a Holiday Out-of-Office Message

How to Setup a SmileBack CSAT Survey

Thread Planner: How-To Guides and FAQs

Save Time Answering Chats with Snippets

How to Create an Email Signature Using Snippets

How to Track Your Time in Inbox

Sending Attachments with Inbox

Accessing & Installing Inbox

Can I Customize the Style of My Messages?

What Shortcuts Can I Use in Inbox?

Managing Members in Thread

Flows

Messenger

Clients

Members

Workspace

Status Automations

Plans & Licenses

Approvals in Inbox

How to Set Up User-Defined Fields (UDFs) in Autotask for Approvals

Installing the Internal-Facing Companion App for Teams

Troubleshooting "You Don't Have Permission" Error in Teams

How to Use the Slack Companion App for Service Teams

Installing the Internal-Facing Inbox Companion App for Slack

Craft your White Labeled Thread Customer Rollout Campaign

Can I Get a Custom Teams or Slack Support App?

Multi-Language and Internationalization Support

How Notifications Work for your Customers

How to Manage Your Inbox Notifications

How Notifications Work for your Team

AI Privacy & Security Overview

Data & Encryption

What if my organization has IP or domain restrictions?

List of Sub-Processors

Accessing Thread invoice history and billing information

All Categories > Messenger > Teams Service App for your Customers > Microsoft Teams App Permissions

Microsoft Teams App Permissions

Updated 3 hours ago by Andy Althouse

Thread’s Microsoft Teams integrations use two connected applications to provide seamless collaboration between Teams and Thread Inbox: the Service App and the Companion App.

Service App → Installed in your clients’ Teams environment, this app allows end-users to chat directly with your service team, submit tickets, and collaborate within Teams. It powers the client-side communication experience between Microsoft Teams and Thread Inbox.
Companion App → Installed in your internal Teams environment, this app gives your technicians and service staff the ability to receive notifications, reply to messages, update tickets, and manage workflows directly from Teams. It connects your internal operations with client-side interactions.

Each permission listed below is required to ensure secure authentication, file sharing, and message delivery between Microsoft Teams and Thread. All permissions are requested through Microsoft Graph, using the least privilege necessary for functionality.

🔐 Permissions Overview

Permission	Type	Purpose	Used By
AppCatalog.Read.All	Application	Identifies if the Thread Service App is already installed in the organization’s Teams App Catalog.	Service App
AppCatalog.ReadWrite.All	Delegated	Uploads or updates Thread apps in the Teams catalog and migrates older versions by name.	Service App
Channel.Create	Application	Creates channels for dynamic or automated workflows (e.g., per-ticket or per-client flows).	Companion App
Channel.Delete.All	Application	Deletes temporary or dynamic channels automatically when a Thread is closed.	Companion App
Channel.ReadBasic.All	Application	Enables Thread to manage dynamic channels created for tickets or workflows.	Companion App
Chat.Create	Application	Creates group chats between members, contacts, or automation processes.	Service App
Chat.ReadWrite.All	Application	Sends and updates messages within Teams group chats.	Service App
ChatMember.ReadWrite.All	Application	Adds or removes Microsoft 365 users from group chats as needed.	Service App
ChatMessage.Read.All	Application	Reads chat messages to detect file attachments (required because Teams does not include this data in its onMessage event).	Service App
Domain.Read.All	Application	Reads domain information to assign a default domain to dummy users (used for iOS compatibility, as Teams mobile requires at least two chat members).	Service App
email	Delegated	Reads the user’s primary email address for identity and account linking.	Companion App, Service App
Files.Read.All	Application	Reads Microsoft 365 files to enable file sharing between Teams chats and Thread Inbox/PSA tickets.	Service App
Group.Read.All	Application	Enables Single Sign-On (SSO) between Microsoft Teams and Thread Inbox.	Companion App
offline_access	Delegated	Maintains continuous access to approved data without requiring re-authentication.	Companion App, Service App
openid	Delegated	Allows users to sign in with Microsoft 365 accounts and share basic profile information.	Companion App, Service App
Organization.Read.All	Application, Delegated	Retrieves organization and tenant details during onboarding (delegated during setup, application thereafter).	Companion App, Service App
profile	Delegated	Accesses basic profile data (name, picture, username, email).	Companion App, Service App
Sites.Read.All	Application	Downloads files from SharePoint for file sharing between Teams and Thread Inbox/PSA.	Service App
Team.ReadBasic.All	Application	Fetches Teams lists from Microsoft 365 to display in Thread Flows (future functionality).	Companion App
TeamsAppInstallation.ReadWriteAndConsentForChat	Application	Installs Thread Service Apps into Teams group chats automatically.	Service App
User.Read	Delegated	Required for SSO authentication.	Companion App, Service App
User.Read.All	Delegated	Retrieves user details and avatars for authentication and display.	Companion App, Service App
User.ReadWrite.All	Application	Creates dummy members for group chats when needed.	Service App

How did we do?

(opens in a new tab)

Microsoft Teams App Permissions

🔐 Permissions Overview

How did we do?

Related Articles Installing the Internal-Facing Companion App for Teams How to Deploy the Teams Service App Troubleshooting "You Don't Have Permission" Error in Teams

Contact

Related Articles

Installing the Internal-Facing Companion App for Teams

How to Deploy the Teams Service App

Troubleshooting "You Don't Have Permission" Error in Teams