According to this doc-

https://www.retrospect.com/en/support/kb/macos_full_disk_access

We need to give Full Disk Access to both RetrospectInstantScan and RetrospectEngine. For this we need to find out the App Identifier and Code Requirements for each. The Retrospect Client application is in /Library/PreferencePanes, and the RetrospectInstantScan item is in /Library/Application Support/Retrospect

For these examples the first line is the command, the subsequent lines are the response. Base command in red

My_Retrospect_Client:~ admin$ codesign -dv /Library/PreferencePanes/Retrospect.prefPane
Executable=/Library/PreferencePanes/Retrospect.prefPane/Contents/MacOS/Retrospect
Identifier=com.retrospect.Retrospect
Format=bundle with Mach-O thin (x86_64)
CodeDirectory v=20500 size=741 flags=0x10000(runtime) hashes=16+3 location=embedded
Signature size=9013
Timestamp=25 Sep 2021 at 5:25:24 pm
Info.plist entries=25
TeamIdentifier=D6GKVRCPWS
Runtime Version=10.14.0
Sealed Resources version=2 rules=13 files=16
Internal requirements count=1 size=188

 

My_Retrospect_Client:~ admin$ codesign -dr – /Library/PreferencePanes/Retrospect.prefPane
Executable=/Library/PreferencePanes/Retrospect.prefPane/Contents/MacOS/Retrospect
designated => identifier “com.retrospect.Retrospect” and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = D6GKVRCPWS

 

That gives us the details for the App, now what about the scanner?

My_Retrospect_Client:~ admin$ codesign -dv /Library/Application\ Support/Retrospect/RetrospectInstantScan.app
Executable=/Library/Application Support/Retrospect/RetrospectInstantScan.app/Contents/MacOS/RetrospectInstantScan
Identifier=com.retroisa.engine
Format=bundle with Mach-O thin (x86_64)
CodeDirectory v=20500 size=2943 flags=0x10000(runtime) hashes=85+3 location=embedded
Signature size=9013
Timestamp=25 Sep 2021 at 5:25:49 pm
Info.plist entries=22
TeamIdentifier=D6GKVRCPWS
Runtime Version=10.14.0
Sealed Resources version=2 rules=13 files=23
Internal requirements count=1 size=180

 

My_Retrospect_Client:~ admin$ codesign -dr – /Library/Application\ Support/Retrospect/RetrospectInstantScan.app Executable=/Library/Application Support/Retrospect/RetrospectInstantScan.app/Contents/MacOS/RetrospectInstantScan
designated => identifier “com.retroisa.engine” and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = D6GKVRCPWS

So we can see that we need these 4 bits of information, and each item also needs 2 sets of permissions. Here is a screenshot of what it looks like in Mosyle under Management Profiles/ Security & Privacy/ Privacy

 

You can also simply allow the Team Identifier, but this is perhaps a more secure method.
Thanks to Addigy for providing the documentation, fake thanks to Retrospect and Mosyle for not documenting this.

https://support.addigy.com/hc/en-us/articles/4403542467091-Creating-an-MDM-payload-for-Full-Disk-Access-FDA-