Jul 03 2018 05:27 AM - edited Jul 03 2018 05:28 AM
I'm having issues calling Tenant.CreateGroupForSite using Azure AD App Only client context.
I'm receiving the following exception.
{"odata.error":{"code":"Authorization_RequestDenied","message":{"lang":"en","value":"Insufficient privileges to complete the operation."},"requestId":"c9e74c5a-c5bf-4f2f-ae4e-5d2c29b619d6","date":"2018-07-03T11:50:08"}}
I've given consent to delegated permission Group.ReadWrite.All.
What am I missing? Isn't it supported to use an App Only context. It works fine in a user context.
Jul 03 2018 10:21 PM
do you have the Active directory read and write permissions in the app only context? as you need them as well.
Jul 04 2018 01:17 AM
I've added Application permission Read and write directory data (Directory.ReadWrite.All), but it doesn't make a difference.
Group.ReadWrite.All is added as Delegated permission as it doesn't exist as Application permission. Does this mean that it isn't possible to use an AppOnly context (no user context).
Jul 04 2018 11:10 PM
Please take a look at the site of John as he managed to do this http://johnliu.net/blog/2017/1/create-many-o365-groups-with-powershell-resource-owner-granttype-and-...
Jul 05 2018 06:20 AM
Thanks @Deleted
Appreciate it, however I don't see that there's an API for this in the Graph. Sure you can create a Group, but I need to "groupify" an existing SharePoint site collection.
The SharePoint API is
{siteUrl}/_api/GroupSiteManager/CreateGroupForSite
But again, it cannot be called using AppOnly context.
I guess the conclusion is that it is not possible yet.
Jul 05 2018 11:27 AM
Hi Michael,
True it is not possibble yet but with the solution of John you could create a account which only can do what you want.
Kind regards,
Paul
Jul 06 2018 02:18 AM
It is a multi tenant solution running against hundreds of customers, so can't use username/password.
Nov 01 2021 06:24 AM
@Michael Schau Did you find any solution meanwhile? I have same requirement i.e. I want to use CreateGroupForSite method with App Only Context.