Publish an app in the SharePoint store with the permissions set to full control for the site collection and allow app only calls. Then add an option for App Authentication in the ShareGate desktop app that uses the ClientId and ClientSecret from the app to authenticate.
A site collection admin can then add the app to their site, and allow any user with ShareGate to perform the migration.
Benefits include not having to log in, not having to grant site collection admin access, and the metadata would appear as ShareGate instead of the user performing the action.
For unattended workloads, like automated reports and backup run from, or DTAP, with Powershell I think it's really needed to have an AppID + Secret/Certificate as login option for SG Powershell. Microsoft is more or less forcing tenants in using these and they are much safer than to store admin username/passwords in scripts.
More and more clients have set their tenants such that the username/password simply returns 'You are not authorized', making the browser option the only option left. In unattended situations this is not an option..
A workable alternative would be to setup a Connection in PnP Powershell and re-use that connection in SG Powershell
Michael Pomfret commented
Help. I have written my migration scripts in CSOM PowerShell. Connecting to SPO In my organisation I am required to use an AppID and secret when connecting to SPO, but the Connect-Site command requires a username and password. Can I use an AppID and secret when using Sharegate's PowerShell modules?
Rolf Matthäi commented
This would be the right way to do ;). At least AppID / AppSecret authentication for O365 is highly recommended at our side.
it's boring to tape credentials 100 times / day.
First of all, you guys freaking ROCK!!!! I love the product and how incredibly talented your development team is to pump out updates and enhancements as fast as you do. That said...
It would be FANTASTIC if you had a lightweight server-side migration agent that could orchestrate migration jobs rather than running the full Sharegate client on the server and eating up system resources.
This agent could conceivably be combined with the Insane Mode client and could communicate asynchronously with the Sharegate client on user's system such that we can shutdown our system, disconnect from the internet, and reconnect to the server later from our client to check on the progress of the job and attend to any errors that may have arisen while away.
I don't often ask for this, but I would love to hear back on this particular request. :)