How to connect regular (non admin) 365 users to Toggl

Ask the Community
1

Post Title: How to connect regular (non admin) 365 users to Toggle

Your Question/Topic: Trying to help a client, who is considering this product. When wanting to sync Outlook calendar (from MacOS Outlook Desktop app), she is asked to “allow 365 tenant access”, but she is a non-admin 365 user, so using her own 365 credentials doesn’t work for access. IF providing Global Admin credentials, access is allowed, but only Global Admin account’s calendar is available afterwards.
How to allow Toggl (least pviviledge) access to necessary 365 services, so that non-admin 365 users can synch their Outlook calendars afterwards?

:bulb: Helpful Tips for Best Answers:

  • Be clear and concise.
  • Check if your question has been asked before. :mag:
  • Be respectful and thank those who help. :slight_smile:
2

Thanks for reaching out - this is a common setup question with Microsoft 365 integrations.

What’s happening:

The “allow 365 tenant access” prompt is requesting tenant-wide admin consent for the Toggl integration. This is a one-time setup that requires a Global Admin to authorize Toggl to connect to your organization’s Microsoft 365 environment.

The correct process:

  1. Global Admin grants consent (one time): A Global Admin needs to authorize the Toggl app at the tenant level. This doesn’t give Toggl access to everyone’s calendars automatically - it just allows the integration to exist within your organization.
  2. Individual users connect their calendars: After tenant consent is granted, each non-admin user can then authenticate with their own credentials to sync their personal calendar. They won’t need admin rights for this step.

The issue you’re experiencing:

If only the Global Admin’s calendar is appearing, it sounds like the admin completed the consent and connected their own calendar, but other users haven’t gone through the individual authentication step yet.

Next steps:

  1. Confirm tenant-wide consent has been granted by your Global Admin
  2. Have the non-admin user log out of the Toggl calendar integration and reconnect
  3. When prompted, they should authenticate with their own Microsoft 365 credentials (not the admin’s)
  4. Their personal calendar should then sync

Regarding least privilege access:

The permissions Toggl requests should be calendar-specific (typically Calendars.Read or similar). Your Global Admin can review the exact permissions being requested during the consent flow. Unfortunately, Microsoft’s architecture requires admin consent for third-party apps at the tenant level, but this doesn’t grant broad access - it’s scoped to what the app requests.

If this still doesn’t work:

Could you confirm:

  • Has the non-admin user tried reconnecting after tenant consent was granted?
  • Are there any conditional access policies or app restrictions in your Microsoft 365 tenant that might be blocking user-level authentication?

Let me know how it goes!