// DOC: DEVELOPER_REFERENCE
BETA · v0.9

Documentation

Everything you need to deploy, configure, and manage IntegrityLayer for your clients. Three pages. That's all it takes.

01
Setup
Microsoft Entra & Google Workspace

Grant API permissions in 30 seconds. Configure your risk policy. Deploy to a client tenant. No MX changes.

Azure Entra AppGWS Marketplaceconfig.yml
Read docs →
02
API Scopes
Graph API · Gmail API · Permissions

Exact permission scopes requested, why each is needed, and how to verify them in the admin console.

Mail.ReadWritegmail.modifypubsub
Read docs →
03
Troubleshooting
Common issues & error codes

Webhook not firing? MFA challenge not arriving? Quarantine folder missing? Start here.

WebhooksTOTPGraph errors
Read docs →
Quick Start
setup · 30-second deploy
# Step 1: Grant API access (Microsoft)
1. Azure Portal → Enterprise Applications → New Application
2. Search "IntegrityLayer" → Grant admin consent
3. Copy tenant ID + client secret to dashboard
# Step 2: Configure risk policy
risk_threshold: 0.75
fail_mode: open
mfa_type: totp
# Step 3: Deploy to client tenant
MSP Dashboard → Add Client → Paste tenant ID
Webhooks register automatically via Graph API
Send test email with subject "wire transfer" to verify
_
Webhook Payload Reference
// POST /webhook/graph — Microsoft Graph notification
{
"value": [{
"subscriptionId": "string",
"changeType": "created",
"resource": "Users/[userId]/Messages/[messageId]",
"resourceData": { "id": "string" }
}]
}
Setup Guide →API Scopes →Troubleshooting →