0 Votes
sp13test-6829 asked Jerryzy answered

Any way to focus site permission in App-Only CSOM

I registered an app in the Azure AD Portal:

[Image: 78553-api-permission.png]

Get Access Token:

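    using System;
    using System.IO;
    using Microsoft.Identity.Client;

    var clientId = "<<AAD_APP_CLIENT_ID>>";
    var tenantId = "<<AAD_TENANT_ID>>";

    // GetCertificate is the poster's own helper (not shown); it loads the PFX using its password.
    using var certificate = GetCertificate(
        Path.Combine(Environment.CurrentDirectory, "MyAppCertificate.pfx"),
        "<<CERTIFICATE_PASSWORD>>");

    // App-only (client credentials) client that authenticates with the certificate.
    var confidentialClient = ConfidentialClientApplicationBuilder
        .Create(clientId)
        .WithTenantId(tenantId)
        .WithCertificate(certificate)
        .Build();

    // endpoint is defined elsewhere in the poster's code (not shown).
    // The ".default" scope requests the application permissions already granted to the app.
    var token = await confidentialClient
        .AcquireTokenForClient(new[] { $"{endpoint.TrimEnd('/')}/.default" })
        .ExecuteAsync();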

Can we make the App Permission focus on a detailed site collection?

office-sharepoint-server-development

1 Vote
Jerryzy answered

Hi @sp13test-6829 ,

I agree with trevorseward's suggestion, but the Site.Selected permission level is still in Development status per the Microsoft 365 roadmap. You can track the status; once released, it will support a permission level for a specific site collection:

roadmap

Thanks
Best Regards



0 Votes
trevorseward answered trevorseward edited

See:

https://developer.microsoft.com/en-us/sharepoint/blogs/controlling-app-access-on-specific-sharepoint-site-collections/

Note: putting a PFX password in code defeats the purpose of using cert-based auth. The PFX should be imported into a trusted store, and the caller's identity used to read the private key.

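The certificate-store approach described in trevorseward's answer, as an added example that is not part of the original thread or any poster's code: the certificate is looked up by thumbprint in the calling account's store, so no PFX file or password ships with the application. It assumes the PFX has already been imported into `CurrentUser\My` (use `StoreLocation.LocalMachine` for a service account granted read access to the key); the class and method names, and the thumbprint and endpoint parameters, are hypothetical.

```csharp
using System;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using Microsoft.Identity.Client;

// Added example: class and method names are hypothetical.
static class CertStoreAuth
{
    // Looks up the app certificate in the calling account's personal store.
    // Private-key access is controlled by the key's ACL for that account,
    // so the application carries no PFX file and no password.
    static X509Certificate2 LoadFromStore(string thumbprint)
    {
        using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

        // validOnly: false because app-registration certificates are often self-signed.
        var matches = store.Certificates.Find(
            X509FindType.FindByThumbprint, thumbprint, validOnly: false);
        if (matches.Count != 1)
            throw new InvalidOperationException(
                $"Expected one certificate with thumbprint {thumbprint}, found {matches.Count}.");

        var cert = matches[0];
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException("Certificate has no associated private key.");
        if (DateTime.Now < cert.NotBefore || DateTime.Now > cert.NotAfter)
            throw new InvalidOperationException("Certificate is outside its validity period.");
        return cert;
    }

    // Same token request as in the question, with the certificate taken from the store.
    public static async Task<string> AcquireTokenAsync(
        string clientId, string tenantId, string thumbprint, string endpoint)
    {
        using var certificate = LoadFromStore(thumbprint);
        var app = ConfidentialClientApplicationBuilder
            .Create(clientId)
            .WithTenantId(tenantId)
            .WithCertificate(certificate)
            .Build();

        var result = await app
            .AcquireTokenForClient(new[] { $"{endpoint.TrimEnd('/')}/.default" })
            .ExecuteAsync();
        return result.AccessToken;
    }
}
```

Importing the PFX with the private key marked non-exportable keeps the key from being copied back out of the store by the same account.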