PowerMove Permissions

PowerMove requires various permissions to function effectively. Below is an overview of these permissions and their purposes.

Azure DevOps

Permission: vso.build_execute (Delegated)
- Purpose: Allows Users to execute builds in PowerMove
Permission: vso.code_manage (Delegated)
- Purpose: Allows Users to update version control from within PowerMove
Permission: vso.memberentitelmentmanagement_write (Delegated)
- Purpose: Allows Admin Users to give PowerMove access to the DevOps Project
Permission: vso.serviceendpoint (Delegated)
- Purpose: Allows Admin Users to create Dataverse service connections for PowerMove, needed for automated deploys

Permission: user_impersonation (Delegated)
- Purpose: Grants Users the ability to access Dataverse from PowerMove, essential for managing solutions in the context of the users permission.

Permission: openid (Delegated)
- Purpose: Essential for authenticating Users in PowerMove through Microsoft Graph, facilitating secure sign-in processes.
Permission: Application.ReadWrite (Delegated)
- Purpose: Essential for Admin Users to create dedicated Microsoft Entra Id Application for PowerMove, facilitating secure method for access to solution deployment.
Permission: Organization.Read.All (Delegated)
- Purpose: Essential for PowerMove to identify the sign-in users by its Organization Name
Permission: User.Read (Delegated)
- Purpose: Essential for displaying the current User in a good way in PowerMove.

Permission: User (Delegated)
- Purpose: Provides Users access to the PowerApps Service API in PowerMove, enabling them to manage environments from PowerMove.

These permissions are vital for PowerMove to offer a comprehensive, integrated experience across various Microsoft services.