Skip to main content
ContraForce Gamebooks for Identity Overview The ContraForce Gamebooks for Identity enterprise application is used to authorize Gamebook executions that target User entities. Specifically, the service principal requires User.ReadWrite.All and User.AuthenticationMethod.ReadWrite.All scopes. These scopes are consented with application (app-only) permissions, allowing the service principal to run Gamebook actions without a signed-in user present. Password Reset is the exception — it always requires delegated permissions in an on-behalf-of flow with a signed-in user. Because application actions execute unattended, operator control is enforced through Gamebook approval gates (only Workspace Owners can approve high-impact actions) and a complete audit trail in the Gamebooks History page. Gamebooks for Identity permissions
If you have any questions, contact us at support@contraforce.com.