In this section, we'll see how Seclore permissions are aligned with SharePoint Online permissions.
How policy federation works
Seclore federates permissions from SharePoint Online so that security policies defined in Microsoft 365 are automatically applied to Seclore protected files, even after they are downloaded/extracted out of the Microsoft 365 system.
During every file access, Seclore dials back to Microsoft 365 to request for the user's current permissions on that file in Microsoft 365. These Microsoft 365 permissions are translated to Seclore permissions and enforced on the Seclore-protected file for the user.
The mapping between Microsoft 365 permissions and Seclore permissions is configurable for each 'Seclore for M365 connector deployment'. Here is the summary of the default mapping between Microsoft 365 permissions (SharePoint Online Permissions) and Seclore permissions.
Did we miss something? Not to worry! Just email our support team at support@seclore.com