Forum Discussion

Sudharsan K's avatar
Sudharsan K
Steel Contributor
Mar 16, 2020

Set-PnPUserProfileProperty with Application Permission in Azure Function

When using Set-PnPUserProfileProperty in Azure Function with Power Shell and the permissions has been defined using the Application Permission. Once connected to the admin site URL using client id, tenant and cert and try to update the User Profile Property, it throws the below error

Access denied. You do not have permission to perform this action or access this resource.

Attached the screenshot for the reference

 Below are the permissions given for the application in Azure API Permissions

 

Hope someone already have a solution!

  • AlexSen's avatar
    AlexSen
    Copper Contributor
    Have exactly same issue, Module version 3.19.2003.0.
    Set-PnPUserProfileProperty works without any issues.
    App has max possible permissions
    • Sudharsan K's avatar
      Sudharsan K
      Steel Contributor
      Hi,
      I used the latest version and I am still receiving the same issue, I am not able to update the User Profile Property.
  • RonLevy's avatar
    RonLevy
    Copper Contributor
    I run into the samme issue from an Azure Runbook.
    I added a Secret to my App-Reg and added App-Only (ACS) for that App-Reg (addinv.aspx on admin-site). I added Sites.FullControl.All and User.ReadWrite.All for Graph and SharePoint to the API-Permissions of my App-Reg.
    I then connected to the admin-site by client-id of my App-Reg and the secret:
    Connect-PnPOnline -Url $adminUrl -ClientId $clientId -ClientSecret $clientSecret
    With that, i was able to update the ups property.

    Set-PnPUserProfileProperty -Account $UserAccount -PropertyName "SBU" -Value $sbu

    May you can adapt the settings. Or this may help others...

Resources