Email Based Discovery FAQ

What are the benefits of using email based discovery?

https://business.saymine.com/articles/introducing-email-navigator-our-unmatched-data-discovery-method

 

How to setup email based discovery?

Email (and other) discovery tools are setup using the Radar tool in the application. See Instructions

 

What permissions does Mine require for email based discovery?

Please see the table below for the permissions required depending on the provider you use.

 

Microsoft 365

Permission Scope Usage

User.Read.All

Allows the app to read user profiles without a signed in user.

 

Sync employees list and show who has access to which system

Organization.Read.All

Allows the app to read the organization and related resources, without a signed-in user. Related resources include things like subscribed skus and tenant branding information.

 

Sync employees list and show who has access to which system

Mail.Read

Allows the app to read mail in all mailboxes without a signed-in user.

 

Analyze email metadata (from,to,subject,date) to detect systems employees are using

Directory.Read.All

Allows the app to read data in your organization's directory, such as users, groups and apps, without a signed-in user.

 Sync employees list and show who has access to which system

Microsoft Graph API permissions reference: https://learn.microsoft.com/en-us/graph/permissions-reference

 

Google Workspaces

Permission Scope Usage

admin.directory.user.readonly

Scope for only retrieving users or user aliases.

 

Sync employees list and show who has access to which system

gmail.readonly

Read all resources and their metadata—no write operations.

Analyze email metadata (from,to,subject,date) to detect systems employees are using

 

Google APIs permissions reference: