You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Security Concerns: Microsoft Outlook calendar integration in ORC

in Recruiting, Opportunity Marketplace

Summary:

Hi everyone,

We are currently setting up the Microsoft Outlook calendar integration for Oracle Recruiting Cloud, and our Security team has raised a significant concern regarding the required Azure App permissions:

  • User.ReadBasic.All (or User.Read.All)
  • Calendars.ReadWrite


Content (please ensure you mask any confidential information):

The concern is that these are Application Permissions, which, by default, allow the app to read/write events for every user in our global tenant. This is seen as a high security risk.

I know that in Oracle Recruiting Cloud, recruiters will only see Busy and not see any meeting details, but the ReadWrite seems intrusive and it should not read any sensitive data (meeting details).

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!