Nov 09 2018 12:52 AM
Hi,
I am trying to automate the process of granting access using SharePoint App-Only via PowerShell script. As explained in the micrsoft article its a three step process:
I am able to create the principal with the below script but I could not find a way to grant permission via powershell script. I need to update the principal with the below permission and trust the app as tenant admin via powershell script. Is it possible to set permission via PowerShell script?
<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" /> <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" /> <AppPermissionRequest Scope="http://sharepoint/social/tenant" Right="FullControl" /> </AppPermissionRequests>
$credential = Get-Credential $clientID = "a05cdfc7-e777-42bf-a37a-5db5c5c23e6b" $newclientsecret = "abP1ylR5VAyjbZPt3BRzP/lIIyAUp0IpdMMNQDJ9jOe=" $appName = "Contoso" $appUrl = "https://contoso.azurewebsites.net/" $appDomain = "contoso.azurewebsites.net" $appId = [System.Guid]::Parse($clientID) $servicePrincipalName = @("$clientID/$appDomain") $dtStart = [System.DateTime]::Now $dtEnd = $dtStart.AddYears(3) Connect-MsolService -Credential $credential New-MsolServicePrincipal -serviceprincipalnames $serviceprincipalname -appprincipalid $appid -displayname $appname -type symmetric -usage verify -value $newclientsecret -addresses (new-msolserviceprincipaladdresses -address $appurl) -startdate $dtstart –enddate $dtend New-MsolServicePrincipalCredential -appprincipalid $appid -type symmetric -usage sign -value $newclientsecret -startdate $dtstart –enddate $dtend New-MsolServicePrincipalCredential -appprincipalid $appid -type password -usage verify -value $newclientsecret -startdate $dtstart –enddate $dtend
Nov 22 2018 03:06 AM
Nov 25 2018 05:42 PM
Not yet Walid.