UP Connector Azure Application permissions
Requirement Summary
The UP Connector uses Microsoft Graph API and Universal Print API to connect / register / manage print queues within the Microsoft Universal Print environment. In order for the connector to be able to function and use the required API's its necessary to grant the "OmniBridge App" in Azure with certain permissions. This document focuses on the required permissions.
Azure Active Directory Consent Framework
The YSoft Azure application is based on the Azure Active directory consent framework, more details on this framework can be found here Azure AD consent framework - Microsoft identity platform | Microsoft Docs.
Currently, the YSoft application is known as the "Omni Bridge App" within the Azure environment, please ignore the naming as this is still in technical preview, it is registered with APP ID: e5eedc46-ba66-44f3-9144-060c86eb5c5e. Since the connector is in Technical Preview, the application is not listed in the Azure market place. Azure administrators can find the application for pre-authorization using the APP ID provided.
Permissions Required
The following permissions are required by the Omni Bridge APP:
API | Type | Name | Description | Permission Details |
Microsoft Graph | Delegated | User.Read | Sign in and read users profile | Working with users in Microsoft Graph - Microsoft Graph v1.0 | Microsoft Docs |
Universal Print | Delegated | Printers.Create | Create (Register) new Printers | OEM Universal Print printer client ID registration - Universal Print | Microsoft Docs |
Universal Print | Application | PrinterProperties.ReadWrite | Read and write the properties and attributes of printers | |
Universal Print | Application | Printers.Read | Read Printers | |
Universal Print | Application | PrintJob.Read | Read the metadata and payload of users print job | |
Universal Print | Application | PrintJob.ReadWriteBasic | Read and Write the metadata of users print job |
Please note that only a user with the role of Application Administrator or higher is able to grant the consent, it is important that the application is authorized by the user with appropriate permissions. In the case of users who do not have the rights, the following message is displayed:
How to Grant Application Consent
You will be asked for the application consents while installing the UP Connector. You can see more details in the UP Connector Deployment section.