Application

Permission ID Purpose Description
DeviceManagementManagedDevices.PrivilegedOperations.All 5b07b0dd-2377-4e44-a38d-703f09a0dc3c Perform user-impacting remote actions on Microsoft Intune devices Allows the app to perform remote high impact actions such as wiping the device or resetting the passcode on devices managed by Microsoft Intune, without a signed-in user.
DeviceManagementManagedDevices.Read.All 2f51be20-0bb4-4fed-bf7b-db946066c75e Read Microsoft Intune devices Allows the app to read the properties of devices managed by Microsoft Intune, without a signed-in user.
DeviceManagementManagedDevices.ReadWrite.All 243333ab-4d21-40cb-a475-36241daa0842 Read and write Microsoft Intune devices Allows the app to read and write the properties of devices managed by Microsoft Intune, without a signed-in user. Does not allow high impact operations such as remote wipe and password reset on the device’s owner

Delegated

Permission ID Purpose Description
DeviceManagementManagedDevices.PrivilegedOperations.All 3404d2bf-2b13-457e-a330-c24615765193 Perform user-impacting remote actions on Microsoft Intune devices Allows the app to perform remote high impact actions such as wiping the device or resetting the passcode on devices managed by Microsoft Intune.
DeviceManagementManagedDevices.Read.All 314874da-47d6-4978-88dc-cf0d37f0bb82 Read Microsoft Intune devices Allows the app to read the properties of devices managed by Microsoft Intune.
DeviceManagementManagedDevices.ReadWrite.All 44642bfe-8385-4adc-8fc6-fe3cb2c375c3 Read and write Microsoft Intune devices Allows the app to read and write the properties of devices managed by Microsoft Intune. Does not allow high impact operations such as remote wipe and password reset on the device’s owner.