Veritas Alta™ SaaS Protection Administrator's Guide
- Section I. Introduction to Veritas Alta™ SaaS Protection
- Section II. Administration
- Section III. Manage backups (connectors)
- Overview
- About backup jobs (connectors)
- Overview for adding backup jobs (connectors)
- Configuring the capture scope
- Configuring credentials
- Configuring Delete and Stub policies
- Apps Consent Grant utility
- Backup Exchange Online mailboxes
- Adding connectors for Exchange Online data
- Configuring the capture scope for Exchange connectors
- Configuring the capture scope for Exchange connectors
- Backup SharePoint Online
- Supported SharePoint Online sites and data for backup and restore
- Adding backup jobs (connectors) for SharePoint Online sites and data
- Backup Teams Sites collections
- Backup OneDrive for Business
- Backup Teams chats
- Backup Audit logs
- Backup Google Drive data
- Backup Gmail data
- Backup Salesforce data
- Backup Entra ID (Azure AD) objects
- Backup Box data
- Backup Slack data
- Backup EML data
- Managing backup jobs (connectors)
- Backup jobs (connectors) statuses
- Browsing the backed-up data
- Events
- Overview
- Section IV. Manage restores
- About restore
- Prerequisites for data restore
- Restore dashboard
- Restore Exchange Online mailboxes
- Restore SharePoint Online data
- Restore Teams chats and Teams Channel conversations
- Restore Audit logs
- Restore Box data
- Restore Google Drive data
- Restore Gmail data
- Restore Salesforce data and Metadata
- Restore Salesforce Metadata to the same or another organization
- Restore Entra ID objects
- Restore Slack data
- Restore data to File server
- Restore options
- Section V. Manage data sharing
- Section VI. Manage data downloads
- Section VII. Manage Stors (Storages)
- Section VIII. Policies to manage the backed-up data
- About policies in Veritas Alta™ SaaS Protection
- Configuring policies for data retention (WORM policies)
- Configuring policies for data deletion (Deletion policy)
- Configuring policies for data tiering (Tiering policy)
- Configuring Tagging polices
- Managing policies
- Section IX. Manage users and roles
- Section X. Manage Discovery cases and searches
- Section XI. Manage Scopes
- Section XII. Manage auditing
API permissions for SharePoint, OneDrive for Business, and Teams Sites Collections
If you use the M365 App Registrations mode to configure connectors for your SharePoint, OneDrive for Business, and Teams Sites Collections workloads, Veritas Alta SaaS Protection must have the API permissions listed in the following table. A single app has all the following permissions assigned to the workload being backed up by the connector.
Table: List of API permissions required for SharePoint, OneDrive for Business, and Teams Sites Collections for backup and restore
Used by Veritas Alta™ SaaS Protection: | ||||
---|---|---|---|---|
Microsoft Graph | Sites.ReadWrite.All | Read and write items in all site collections. | Allows the app to create, read, update, and delete documents and list items in all site collections without a signed in user. | To fetch list items from lists in SharePoint sites/Teams sites and One Drives during incremental backups. |
Directory.Read.All | Read directory data. | Allows the app to read data in your organization's directory, such as users, groups and apps, without a signed-in user. | To fetch channel information for backup and restore of Teams Wikis. | |
Office 365 SharePoint Online | User.ReadWrite.All | Read and write user profiles. | Allows the app to read and update user profiles and to read basic site info without a signed-in user. | To query user profile service for list of users during backup (applicable only for Basic auth). |
TermStore.ReadWrite.All | Read and write managed metadata. | Allows the app to write enterprise-managed metadata and to read basic site info without a signed-in user. | To backup and restore managed metadata for SharePoint list items. | |
Sites.Manage.All | Read and write items and lists in all site collections. | Allows the app to read, create, update, and delete document libraries and lists in all site collections without a signed in user. | To create SharePoint lists during restore. | |
Sites.ReadWrite.All | Read and write items in all site collections. | Allows the app to create, read, update, and delete documents and list items in all site collections without a signed in user. | To backup, restore, and stub list items SharePoint sites/Teams sites and One Drives. | |
Sites.FullControl.All | Have full control of all site collections. | Allows the app to have full control of all site collections without a signed-in user. | To backup and restore role assignments of objects in SharePoint sites/Teams sites and One Drives Capture ACLs for various SharePoint objects. |