ShareGate Apricot requires permissions to access the following Microsoft APIs:
- Microsoft Graph
- Office 365 SharePoint Online
- Windows Azure Active Directory
There are two types of required permissions:
- Application Permissions
- Define what ShareGate Apricot is allowed to do within your tenant independently, without a signed in user.
- Delegated Permissions
- Define what ShareGate Apricot is allowed to do within your tenant on behalf of the signed-in user.
ShareGate Apricot needs access to specific resources on your Office 365 tenant to work properly. You need to provide your consent for Apricot to obtain this access.
The following permissions are required:
Microsoft Graph
|
Permission |
Type |
Reason |
| Read all groups | Application Delegated |
The app can list your groups including their properties and membership. |
| Read items in all site collections | Application Delegated |
The app can access your SharePoint information and user activity. |
| Read directory data | Application Delegated |
The app can get information from your directory (users, groups, apps, etc.). |
| Read and write directory data | Application |
The app can read and write data in your directory without a user logged in. Does not grant the app the ability to delete a user or group. |
| Read and write all groups | Application |
The app can remove a group when an owner requests and archive or restore a group when an administrator requests it. |
| Send mail as any user | Application | The app can send notifications to the owner of the group. |
Office 365 SharePoint Online
|
Permission |
Type |
Reason |
| Read items in all site collections | Application | The app can read your SharePoint data to get your user activity. |
| Read directory data | Application | The app can read the data (users, groups, apps, etc.) in your directory. |
| Full control | Application | The app can copy your content (used for Archive only). |
Windows Azure Active Directory
|
Permission |
Type |
Reason |
| Sign in and read user profile | Delegated |
Grants admin users access to ShareGate Apricot. Only Global, SharePoint, and Groups Admins are allowed to sign in. |
| Read directory data | Application |
Grants admin users access to ShareGate Apricot. Only Global, SharePoint, and Groups Admin are allowed to sign in. |
Comments
0 comments
Article is closed for comments.