This article applies to harmon.ie Desktop and to the new harmon.ie.
Using harmon.ie, your emails and documents remain on your Microsoft tenant. The harmon.ie app connects directly to your M365 tenant or SharePoint on-premises servicer. There is no harmon.ie backend/server components.
Features in harmon.ie require consent to ensure fully secure and compliant usage.
During the download of harmon.ie desktop from our web site, you will be prompted to Accept the requested permissions. When the consent is accepted by a Microsoft 365 admin, it can be done once for all harmon.ie users. If the user that downloads harmon.ie isn't an M365 admin, they can accept the permissions for themselves, if the company policy allows them to do so.
For the new harmon.ie, consent is requested when launching the app for the first time.
Security note: harmon.ie only asks for delegated permissions, and not for application permissions. The effective permissions are the least privileged intersection of the delegated permissions harmon.ie has been granted (through consent) and the privileges of the currently signed-in user. harmon.ie cannot have more privileges than the signed-in user. As a result, harmon.ie users can never access SharePoint content they are not authorized to view. For more information, read Permissions and consent in the Azure Active Directory v1.0 endpoint.
harmon.ie uses Microsoft Entra ID permissions and consent.
Here are the requested permissions in harmon.ie 10.x and the new harmon.ie, and why they are required:
To verify that harmon.ie's requested permissions are properly configured:
Your administrator might have disabled the option to authorize third-party apps the access to Microsoft 365. In this case, you may fail to download harmon.ie.
To authorize harmon.ie app's access to Microsoft 365, ask your administrator to do the following: