Skip to main content

PowerMove Permissions

PowerMove requires various permissions to function effectively. Below is an overview of these permissions and their purposes.


Azure DevOps

  • Permission: vso.build_execute (Delegated)
    • Purpose: Allows Users to execute builds in PowerMove
  • Permission: vso.code_manage (Delegated)
    • Purpose: Allows Users to update version control from within PowerMove
  • Permission: vso.memberentitelmentmanagement_write (Delegated)
    • Purpose: Allows Admin Users to give PowerMove access to the DevOps Project
  • Permission: vso.serviceendpoint (Delegated)
    • Purpose: Allows Admin Users to create Dataverse service connections for PowerMove, needed for automated deploys


  • Permission: user_impersonation (Delegated)
    • Purpose: Grants Users the ability to access Dataverse from PowerMove, essential for managing solutions in the context of the users permission.

Microsoft Graph

  • Permission: openid (Delegated)
    • Purpose: Essential for authenticating Users in PowerMove through Microsoft Graph, facilitating secure sign-in processes.
  • Permission: Application.ReadWrite (Delegated)
    • Purpose: Essential for Admin Users to create dedicated Microsoft Entra Id Application for PowerMove, facilitating secure method for access to solution deployment.
  • Permission: Organization.Read.All (Delegated)
    • Purpose: Essential for PowerMove to identify the sign-in users by its Organization Name
  • Permission: User.Read (Delegated)
    • Purpose: Essential for displaying the current User in a good way in PowerMove.

PowerApps Service

  • Permission: User (Delegated)
    • Purpose: Provides Users access to the PowerApps Service API in PowerMove, enabling them to manage environments from PowerMove.

These permissions are vital for PowerMove to offer a comprehensive, integrated experience across various Microsoft services.