The Azure application allows ShareGate Desktop to identify to Microsoft 365 that it is running operations on your tenant through an access token. This will reduce throttling and improve performance on tasks between ShareGate Desktop and Microsoft 365. It also grants ShareGate Desktop rights to use certain Microsoft functionality, such as the Graph API.
The app can then use the permissions granted and delegated through the consent process to access your Azure resources as the user.
That means that ShareGate Desktop will have the same access on Azure resources as the user who is logged in.
As with all operations in ShareGate Desktop, your data remains secure.
Users need to consent to the Azure ShareGate Desktop application within the ShareGate Desktop app. You will be prompted to consent as soon as you log in to your environment. This option can be changed anytime in the permissions settings. When you consent, all SharePoint Online Administrators will have access to the Office Graph for Microsoft 365 Group creation.
If you usually run your operations on PowerShell, open the ShareGate Desktop application to consent, then continue operations as normal (there is no way to consent to the Azure Desktop application through PowerShell).
Note: The ShareGate Desktop application in Azure requires the Global Administrator permission level to consent to the app. If your account is not a Global Administrator, you can request that the Global Administrator consents for you. You cannot consent the app in a GCC or GCC High environment.
For more information, see Which permissions does the Azure ShareGate Desktop application need?