Create Office 365 group for existing Team site

Question

I'm having issues calling&nbsp;Tenant.CreateGroupForSite&nbsp;using Azure AD App Only client context.&nbsp;&nbsp;I'm receiving the following exception.{"odata.error":{"code":"Authorization_RequestDenied","message":{"lang":"en","value":"Insufficient privileges to complete the operation."},"requestId":"c9e74c5a-c5bf-4f2f-ae4e-5d2c29b619d6","date":"2018-07-03T11:50:08"}}&nbsp;&nbsp;I've given consent to delegated permission Group.ReadWrite.All.&nbsp;What am I missing? Isn't it supported to use an App Only context. It works fine in a user context.

deleted · Answer

do you have the Active directory read and write permissions in the app only context? as you need them as well.

michael schau · Answer

I've added Application permission&nbsp;Read and write directory data (Directory.ReadWrite.All), but it doesn't make a difference.&nbsp;Group.ReadWrite.All is added as Delegated permission as it doesn't exist as Application permission. Does this mean that it isn't possible&nbsp;to use an AppOnly context (no user context).&nbsp;&nbsp;&nbsp;

deleted · Answer

Please take a look at the site of John as he managed to do this&nbsp;http://johnliu.net/blog/2017/1/create-many-o365-groups-with-powershell-resource-owner-granttype-and-microsoft-graph
&nbsp;

michael schau · Answer

Thanks&nbsp;Deleted&nbsp;Appreciate it, however I don't see that there's an API for this in the Graph. Sure you can create a Group, but I need to "groupify" an existing SharePoint site collection.The SharePoint API is&nbsp;{siteUrl}/_api/GroupSiteManager/CreateGroupForSiteBut again, it cannot be called using AppOnly context.&nbsp;&nbsp;I guess the conclusion is that it is not possible yet.&nbsp;

deleted · Answer

Hi Michael,
&nbsp;
True it is not possibble yet but with the solution of John you could create a account which only can do what you want.
&nbsp;
Kind regards,
&nbsp;
&nbsp;
Paul

Forum Discussion

Create Office 365 group for existing Team site

Resources