The Azure application allows ShareGate Desktop to identify to Office 365 that it is running operations on your tenant through an access token. This will reduce throttling on tasks between ShareGate Desktop and Office 365. It also grants ShareGate Desktop rights to use certain Microsoft functionality, such as the Graph API.
The app uses permission delegation to impersonate your user and access your Azure resources. That means that ShareGate Desktop will have the same access on Azure resources as the user who is logged in. As with all operations in ShareGate Desktop, your data remains secure.
Users need to consent to the Azure ShareGate Desktop application within the ShareGate Desktop app. You will be prompted to consent as soon as you login to your environment. This option can be changed anytime in the permissions settings. When you consent, all SharePoint Online Administrators will have access to the Office Graph for Office 365 Group creation.
If you usually run your operations on PowerShell, open the ShareGate Desktop application to consent, then continue operations as normal (there is no way to consent to the Azure Desktop application through PowerShell).
Note: The ShareGate Desktop application in Azure requires the Global Administrator permission level to consent to the app. If your account is not a Global Administrator, you can request that the Global Administrator consents for you.
See also:
Which permissions does the Azure ShareGate Desktop application need?
Comments
1 comment
This does not work with GCC High correctly. Tells me that I need consent from an admin. I sign in as admin, consent, and it gives the same errors. There is something wrong with the way your program deals with O365 groups within GCC High. Even before the Teams feature, it would create the O365 group, but would not add any users to it.
Please sign in to leave a comment.