App permissions of Web App
The following optional claims are included in the access token. Cohesity Alta SaaS Protection uses an OpenID Connect-based authentication layer, where these claims support effective authentication and authorization, especially for SIEM integrations. These claims provide information about the user but do not grant additional access. They are required if a Web App is deployed.
Table:
Permission | Used by Cohesity Alta SaaS Protection | |||
|---|---|---|---|---|
User.Read | User.Read | Delegated | Sign in and read the user profile. | To include in the access token. |
profile | profile | Delegated | View users' basic profile. | To include in the access token. |
openid | openid | Delegated | Sign users in. | To include in the access token. |
offline_access | offline_access | Delegated | Maintain access to data you have given it access to. | To include in the access token. |