Forum Discussion
When to use isolated SPFX webpart?
I am creating a SPFX webpart that will consume an Azure Function and the Azure Function is configured for AAD authentication. Very similar to the steps described in this https://www.vrdmn.com/2018/02...
Hi @Suleman
SPFx web parts which Web API using WebApiPermissionRequests requires SharePoint / Global Admin approval through admin center. Once approved, other web parts can use similar permissions even though they are not in particular site collection. Using Isolated SPFx web part is solution to that problem. When Isolated SPFx web part request Web API permissions, permissions are only granted to that web part through unique ID of that SPFx web part by Azure AD. All calls to Web API only receive valid access token if Web API calls goes through that same SPFx web part. In that way, Web API permissions approval is Isolated to specific web part.
SPFx web parts which Web API using WebApiPermissionRequests requires SharePoint / Global Admin approval through admin center. Once approved, other web parts can use similar permissions even though they are not in particular site collection. Using Isolated SPFx web part is solution to that problem. When Isolated SPFx web part request Web API permissions, permissions are only granted to that web part through unique ID of that SPFx web part by Azure AD. All calls to Web API only receive valid access token if Web API calls goes through that same SPFx web part. In that way, Web API permissions approval is Isolated to specific web part.