Home > Manage Apps > Manage App Profiles for Microsoft Tenants > API Permissions Required by Default AvePoint Apps for Microsoft Tenants > Delegated App
Export to PDFDelegated App
When you create an app profile for the Delegated app, the AvePoint Online Services – Delegated App will be automatically set up in your Microsoft Entra ID. Refer to the following sections to see the delegated permissions that should be accepted when you authorize AvePoint Online Services – Delegated App.
Cloud Backup for IaaS + PaaS
| API | Permission | Purpose | Is newly required? |
|---|---|---|---|
| Azure Service Management | user_impersonation(Access Azure Service Management as organization users [preview]) | Allows the application to access Azure Service Management as you. | No |
Cloud Backup for Microsoft 365
When consenting to the Cloud Backup for Microsoft 365 delegated app profile, the consent user must have the Microsoft 365 Global Administrator role. For details, refer to the section in the Cloud Backup for Microsoft 365 user guide.
| API | Permission | Purpose | Is newly required? |
|---|---|---|---|
| Microsoft Graph | openid(Sign users in) | Allows to authenticate users by retrieving their consent. | No |
| Microsoft Graph | profile(View users’ basic profile) | Retrieves users’ profile information. | No |
| Microsoft Graph | offline_access(Maintain access to data you have given it access to) | Maintains access over an extended period without requiring the user to re-authorize frequently | No |
| Microsoft Graph | Group.ReadWrite.All(Read and write all groups) | Retrieves the conversation thread. | No |
| Microsoft Graph | ChannelMessage.Send(Send channel messages) | Sends messages to channels in Microsoft Teams. | No |
| Microsoft Graph | TeamMember.ReadWrite.All(Add and remove members from teams) | Adds members to Microsoft Teams. | No |
| Microsoft Graph | ChannelMember.ReadWrite.All(Add and remove members from channels) | Adds members to channels in Microsoft Teams. | No |
| Microsoft Graph | Directory.Read.All(Read directory data) | Retrieves the profile and domain information of all users in your Microsoft 365 tenant. | No |
| Commercial environment: Power BI ServicesGCC or GCC High environment: Microsoft Power BI Government Community Cloud | Tenant.ReadWrite.All(Read and write all content in tenant) | Retrieves the workspaces and backs up or adds users to a workspace. | No |
| Commercial environment: Power BI ServicesGCC or GCC High environment: Microsoft Power BI Government Community Cloud | Workspace.ReadWrite.All(Read and write all workspaces) | Gets and restores workspaces | No |
| Commercial environment: Power BI ServicesGCC or GCC High environment: Microsoft Power BI Government Community Cloud | Capacity.Read.All(View all capacities) | Retrieves capacities (including multi-geo) | No |
| Commercial environment: Power BI ServicesGCC or GCC High environment: Microsoft Power BI Government Community Cloud | Report.ReadWrite.All(Read and write all reports) | Performs backup for reports. | No |
| Commercial environment: Power BI ServicesGCC or GCC High environment: Microsoft Power BI Government Community Cloud | Dataset.ReadWrite.All(Read and write all datasets) | Performs backup and restore for reports. | No |
| Commercial environment: PowerApps ServiceGCC environment: PowerApps Service – GCCGCC High environment: PowerApps Service – GCC L4 | User(Access the PowerApps Service API) | Retrieves information on Cloud Flows in Power Automate. | No |
| Commercial environment: Dynamics CRMGCC or GCC High environment: Dataverse | user_impersonation(Access Common Data Service as organization users) | Retrieves information on Desktop Flows and Business Process Flows in Power Automate. | No |
On this page