This article explains how to manage user access to ShareGate Management. For information on how to manage user access to the migration tool, see How can I manage access to ShareGate's migration tool?
Who has access to ShareGate Management?
Once a global administrator has consented ShareGate, any global administrator, SharePoint administrator, or groups administrator can log in to ShareGate Management with their Microsoft 365 account.
When using PowerShell to manage admin roles in Azure AD, use the ObjectID:
- f28a1f50-f6e7-4571-818b-6a12f2af6b6c (SharePoint admin)
- 62e90394-69f5-4237-9190-012177145e10 (global admin)
- fdd7a751-b60b-444a-984c-02652fe8fa1c (groups admin)
Note: If a user's role assignment is granted through Azure Privileged Identity Management (PIM), they will not be able to access ShareGate Management.
Team and group owners will be contacted by email or our ShareGate Teams chatbot when their input is needed. They do not have access to ShareGate directly.
How can I restrict access to ShareGate Management?
You can restrict user access to ShareGate Management through the Azure Portal with the steps below:
- Sign in to your Microsoft Azure portal as a global administrator.
- Navigate to the Enterprise applications service (either through the search bar or from the Azure services section).
- Use the search field to find ShareGate.
- In the list of your applications, select ShareGate Management. You will be brought to the Overview page.
Note: If you consented ShareGate prior to February 14, 2022, ShareGate Management may be named ShareGate Apricot in Azure.
- From the menu, under Manage, select Properties.
- Set Assignment required? to Yes.
- Click Save.
- From the menu, under Manage, click Users and groups.
From the Users and groups page, you can now add users to grant access or remove users to remove access.