End users can sign in to the Backup portal with their own Microsoft 365 user credentials to read, download and restore their own backup data (excluding SharePoint & Teams data and Settings).
As part of the tenant's initial sign-in process, Global Admin account is needed to grant the backup application permissions that are needed to be able to perform backups and data restorations. Also, Microsoft requires app permissions to be granted for users other than Global Admin, in order for them to access the Backup portal. App permissions can be granted on behalf of the entire Organization, or for selected end-users or user groups.
Grant app permissions for all users in the tenant:
Global Administrator can grant app permissions for the entire Organization. If permissions are granted on behalf of the entire Organization, it applies directly to all users in the tenant.
Log in to Microsoft Entra admin center using the tenant's Global Admin account.
Select: Applications > Enterprise applications
Search for and select the Shield Cloud application.
Note
Note that there are two Shield Cloud applications listed. Be sure to select this one:
Shield Cloud
Object ID: 126f3afb-0262-4848-bf7d-2089f0bd0009
Application ID: facd4a2d-cbd2-4095-bfa8-ac9c819f843e
Select Permissions under Security.
On Permissions tab, click Grant admin consent for [the organization]
Grant app permissions for selected users or user groups:
You can also define the users and/or user groups that will be granted permissions to the backup application.
Select: Application > Enterprise applications > Shield Cloud
Note
Note that there are two Shield Cloud applications listed. Be sure to select this one:
Shield Cloud
Object ID: 126f3afb-0262-4848-bf7d-2089f0bd0009
Application ID: facd4a2d-cbd2-4095-bfa8-ac9c819f843e
Click 1. Assign users and groups to provide specific users and/or groups access to the application.
Next, click Add user/group. Select the users / users groups and role (e.g. Default access) and assign the app-role for the selected users to gain access.