Below is a list of the Microsoft Graph permissions requested by the current version of the Lightning Forms Suite. You may choose not to approve permissions that are not essential to your use case.
All permissions listed are "Delegated" and require approval from either a Global or Application Administrator. Approval can be managed on the API Access page within the SharePoint Admin Center. Once approved, these permissions will appear under the SharePoint Online Client Extensibility Web Application Principal in Entra ID for your tenant.
Permissions List
Directory.Read.All
Added in version 3.1.0.0
This permission is required if you intend to test whether a user is a member of an Entra ID (formerly Active Directory) Group using the [@User.IsMemberOfAADGroup] placeholder.
Mail.Send
Added in version 3.3.0.0
This permission is necessary if you plan to use the updated "Send Email" action in the Action Builder. It allows sending emails outside of your organization.
Mail.ReadWrite
Added in version 3.6.0.0
This permission enables sending attachments larger than 3 MB when using the "Send Email" action.
Team.ReadBasic.All
Added in version 3.7.0.0
Required for the new ‘Teams’ Data source option for the Data lookup control. Selecting this option allows you to return teams in the organization (SharePoint online only).
TermStore.ReadWrite.All
Added in version 3.7.0.0
This was added for the integrated modern term store picker. Specifically, this permission is required when the ‘Allow users to type new values’ option is set on the Managed Metadata field, to allow the creation of new terms.