When using Gem Scheduling with Microsoft 365, we're able to provide the level of automation that we do by connecting to your Outlook system. This powers our scheduling workflow by allowing us to see when interviewers are available, to create calendar events for the candidate and interviewers, and to check the availability of rooms.
The permissions that we request when you sign into Gem Scheduling are the minimum necessary for us to provide our functionality. The main resources we request are for users, calendars, and places (rooms).
Permissions
Here's a breakdown of the permissions and why we need each one:
- Sign in and read user profile: This allows users to use their Microsoft 365 account to sign into Gem Scheduling. We only allow users to sign in with their Microsoft 365 (i.e., users don't create passwords for Gem Scheduling), which eliminates a class of security vulnerabilities.
- Read and write user and shared calendars: This allows Gem Scheduling to create events onto calendars that the signed-in user has access to. We create events on behalf of this user to coordinate interviews for both the candidate and the interviewers.
- Read calendars in all mailboxes: This allows Gem Scheduling to only read events on all calendars. We use this information when generating a viable time and panel for an interview to find what times interviewers are available.
- Read all company places: This allows Gem Scheduling to list all conference rooms within the account. We use this information to be able to see what times rooms are available when a room is needed for an interview.
- Read all users' full profiles: This allows Gem Scheduling to list all users within the account. We use this information to construct the list of potential interviewers.
Admin consent
Some of these permissions requires us to get the consent of a Microsoft 365 administrator before you're able to log in and use Gem Scheduling. For more details about this process, read our article on it here.