Azure AD Application Required Permissions
Below are all of the permissions required to be configured on the Azure AD App Registration. Some are optional depending upon the features of BI for Intune that you intend to enable. See Create Azure AD App Registration for more information.
Prerequisites: The user configuring these permissions requires Global Admin and Subscription Admin rights.