See also What is the Azure ShareGate Desktop application?
Note: We request consent for these permissions on behalf of Microsoft in order to grant the app delegated permissions on your tenant*. Permission delegation allows the app to impersonate your user and access your Azure resources. That means that ShareGate Desktop will have the same access on Azure resources as the user who is logged in. As with all operations in ShareGate Desktop, your data remains secure.
Permission |
Description |
| Access directory as the signed in user | Allows the app to have the same access to information in the directory as the signed-in user. |
| Read user files | Allows the app to read the signed-in user's files. |
| Read all groups | Allows the app to read basic group properties and memberships on behalf of the signed-in user. |
| Read and write all groups | Allows the app to create groups and read all group properties and memberships on behalf of the signed-in user. Additionally allows group owners to manage their groups and allows group members to update group content. |
| Sign in and read user profile | Allows users to sign in to the app, and allows the app to read the profile of signed-in users. It also allow the app to read basic company information of signed-in users. |
| Have full control of all site collections | Allows the app to have full control of all site collections on behalf of the signed-in user. |
| Read and write items and lists in all site collections | Allows the app to read, create, update, and delete document libraries and lists in all site collections on behalf of the signed-in user. |
| Read items in all site collections | Allows the app to read documents and list items in all site collections on behalf of the signed-in user. |
| Read and write items in all site collections | Allows the app to create, read, update, and delete documents and list items in all site collections on behalf of the signed-in user. |
| Read user files | Allows the app to read the current user's files. |
| Read and write user files | Allows the app to read, create, update, and delete the current user's files. |
| Run search queries as a user | Allows the app to run search queries and to read basic site info on behalf of the current signed-in user. Search results are based on the user's permissions instead of the app's permissions. |
| Read managed metadata | Allows the app to read managed metadata and to read basic site info on behalf of the signed-in user. |
| Read and write managed metadata | Allows the app to read, create, update, and delete managed metadata and to read basic site info on behalf of the signed-in user. |
| Read user profiles | Allows the app to read user profiles and to read basic site info on behalf of the signed-in user. |
| Read and write user profiles | Allows the app to read and update user profiles and to read basic site info on behalf of the signed-in user. |
*You can change these permissions at https://myapps.microsoft.com.