| Role | ID | Purpose | Description |
| --- | --- | --- | --- |
| DeviceManagementManagedDevices.PrivilegedOperations.All | 5b07b0dd-2377-4e44-a38d-703f09a0dc3c | Perform user-impacting remote actions on Microsoft Intune devices | Allows the app to perform remote high impact actions such as wiping the device or resetting the passcode on devices managed by Microsoft Intune, without a signed-in user. |
| DeviceManagementManagedDevices.Read.All | 2f51be20-0bb4-4fed-bf7b-db946066c75e | Read Microsoft Intune devices | Allows the app to read the properties of devices managed by Microsoft Intune, without a signed-in user. |
| DeviceManagementManagedDevices.ReadWrite.All | 243333ab-4d21-40cb-a475-36241daa0842 | Read and write Microsoft Intune devices | Allows the app to read and write the properties of devices managed by Microsoft Intune, without a signed-in user. Does not allow high impact operations such as remote wipe and password reset on the device’s owner. |