User rights to migrate only some mailboxes

Occasional Contributor

Hi all,


is it possible to create a user with the rights to migrate to another tenant only some mailboxes?

I need to be sure that this user can't access to other mailboxes except those involved in the migration.


Thank you in advance

3 Replies
That depends on the migration tool/method, so you might as well elaborate on how you're planning to migrate? If using EWS or the Graph API, you can restrict access via the so-called Application access policies:

Thank you @Vasil Michev for the reply, we need to migrate only the user mailboxes and the shared.

The tool that the parent company want to use is "codetwo".

You can create a user account with limited access rights. You'll simply need to manually assign Application Impersonation and View-Only Configuration roles ( and limit their scope.