Overview
When connecting Opensense to Outreach, an Outreach administrator must authorize Opensense via OAuth. This article explains the four permissions Opensense requests, what data each permission accesses, and why it is required for the integration to function.
Required permissions
The table below lists each OAuth scope Opensense requests during the authorization flow, along with its purpose.
Permission | What it accesses | Why Opensense needs it |
|---|---|---|
| Outreach user records | Reads user profile data (name, title, email, phone) to populate and sync Opensense signature fields for each sender. |
| Team structures and membership | Reads team and group membership to correctly assign users to Opensense groups during sync. |
| Outreach mailbox configurations | Reads and writes to Outreach mailbox settings to push the Opensense signature block to each user. This permission applies to Outreach mailbox records only. It does not grant access to the underlying email accounts (Microsoft 365, Google Workspace, or otherwise). |
| Outreach prospect records | Reads prospect data to support recipient-based banner targeting. When a user sends an email through Outreach, Opensense can query prospect records to determine which banner campaign to display based on the recipient. |
Scope of access
Opensense requests only the permissions required to sync user data, deliver signatures, and support recipient-based targeting. Opensense does not access sequences, emails, calls, tasks, or any other Outreach data beyond what is listed above.
mailboxes.allis the only permission that includes write access. It is scoped to Outreach's internal mailbox configuration, not to your organization's email accounts. Opensense uses it solely to write signature content to Outreach sender profiles.
Revoking access
If you need to disconnect the integration, you can revoke Opensense's OAuth access from within Outreach's connected applications settings or from the Opensense portal under Manage → Domain Settings → Integrations → Outreach.