Bulk update SPO user profile properties API with App Only permissions

Copper Contributor

I am trying to implement an job using SharePoint user profile bulk update API  and would like to run on schedule basis with 'App Only' permissions. I am able to connect to SharePoint online but get access denied for the operation 'QueueImportProfileProperties' even though I grant it tenant admin rights. 


Can someone tell me what permissions do I grant with Client Id on sharepoint or Azure AD to use the bulk import API with App Only permissions.


3 Replies

Wondering the same, did you find out?

Yes, I was able to implement using app only permissions. In order to connect to the import api, we would need to grant the app principal admin rights on the social API. You will need to navigate to the sharepoint online admin center and then navigate to the app permission page (_layouts/15/appinv.aspx). Use the below permission xml which grants tenant admin rights and admin rights on social api.


<AppPermissionRequests AllowAppOnlyPolicy="true" > 

        <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" /> 

        <AppPermissionRequest Scope="http://sharepoint/social/tenant" Right="FullControl" /> 



I would suggest make a connection using Admin credential and start processing: this will help: https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/bulk-user-profile-update-api-for-s...