question

RisingFlight-7863 avatar image
0 Votes"
RisingFlight-7863 asked RaytheonXie-MSFT edited

API permissions

Hi All

i am new to Azure App Registration i have created a team site by name test1

https://contoso.sharepoint.com/sites/test1

i want to create an app in Azure App registration i want to give full,create,update,read,delete on the api to this team site, not on the complete tenant. Experts guide me how to give the API permission on this team site.

To create an api i will use the below url
https://contoso.sharepoint.com/sites/test1/_layouts/15/appregnew.aspx

Do i need to give permissions using the below url and what permission do i need to give.
https://contoso.sharepoint.com/sites/test1/_layouts/15/appinv.aspx

office-sharepoint-onlinesharepoint-devoffice-sharepoint-server-itproazure-ad-app-registrationazure-ad-app-management
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RaytheonXie-MSFT avatar image
0 Votes"
RaytheonXie-MSFT answered

Hi @RisingFlight-7863 ,
Yes,we need to grant permissions by the url. Please Fill the following code in App's Permission Request XML with full control.

 <AppPermissionRequests AllowAppOnlyPolicy="true">
 <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" />
 </AppPermissionRequests>

Then click create and trust it.


If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in [our documentation] to enable e-mail notifications if you want to receive the related email notification for this thread.




5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RisingFlight-7863 avatar image
0 Votes"
RisingFlight-7863 answered RaytheonXie-MSFT commented

To summarize and correct me if i am wrong

To generate client client which url will work for me.

https://contoso.sharepoint.com/_layouts/15/appinv.aspx
or
https://contoso.sharepoint.com/sites/test1/_layouts/15/appinv.aspx (i believe this will not work)

To give API permissions on the teams site only(test1 is my teams site)

https://contoso.sharepoint.com/sites//test1/_layouts/15/appregnew.aspx

 <AppPermissionRequests AllowAppOnlyPolicy="true">
 <AppPermissionRequest Scope=http://contoso/content/sitecollection/
 Right="FullControl" />
 </AppPermissionRequests>


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @RisingFlight-7863 ,
Please generate client in
https://contoso.sharepoint.com/sites/test1/_layouts/15/appinv.aspx
Then give API permissions on
https://contoso.sharepoint.com/sites//test1/_layouts/15/appregnew.aspx
with

  <AppPermissionRequests AllowAppOnlyPolicy="true">
  <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" />
  </AppPermissionRequests>

Here is the link for reference:
https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/add-in-permissions-in-sharepoint


0 Votes 0 ·