TABLE OF CONTENTS
- Introduction
- 1. Register Your Application in Azure Active Directory (AAD)
- 2. Assign the Sites.Selected Permission for both Microsoft Graph and SharePoint.
- 3. Grant the Application Access to Specific SharePoint Sites
- 4. Ensure User Permissions
- References
Introduction
This document explains how to set up the permissions the IDE needs to access a SharePoint site. It describes 4 "how-to" steps to achieve this.
1. Register Your Application in Azure Active Directory (AAD)
- Navigate to the Azure portal and register a new application or select an existing one.
- Note the Application (client) ID for later use.
2. Assign the Sites.Selected Permission for both Microsoft Graph and SharePoint.
- In your application's API permissions section, add the Sites.Selected permission.
- If the application is going to be used by a desktop client, use the Delegated permission.
- If the application is going to be used by an autonomous client, use the Application permission.
- Grant admin consent for the permission.
3. Grant the Application Access to Specific SharePoint Sites
Use the Microsoft Graph API to assign the necessary permissions to your application for each target site.
Example request to grant write access:

    POST https://graph.microsoft.com/v1.0/sites/{site-id}/permissions
    Content-Type: application/json

    {
      "roles": ["write"],
      "grantedToIdentities": [
        {
          "application": {
            "id": "your-app-id",
            "displayName": "Your App Name"
          }
        }
      ]
    }

Replace {site-id} with the ID of your SharePoint site and your-app-id with your application's client ID.
4. Ensure User Permissions
- The signed-in user must have sufficient permission on the SharePoint site to perform the desired actions.
- The application's access is constrained by the intersection of its granted permissions and the user's permissions.
By following these steps, you can configure your Azure App Registration to have delegated permissions that allow writing files and creating folders in specific SharePoint sites, ensuring minimal and controlled access.
Notes
- If you need to check which Azure Applications have access to a specific SharePoint site, you can list all granted permissions using the Microsoft Graph API.
- GET https://graph.microsoft.com/v1.0/sites/{site-id}/permissions
Replace {site-id} with the ID of your SharePoint site.
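The listing above can be checked against an allowlist of applications and the roles each one is expected to hold. The following is an added example, not part of the original article: the sample response is constructed, it assumes each entry carries the same "roles" and "grantedToIdentities" fields as the grant request in step 3, and the application IDs, display names and the EXPECTED allowlist are hypothetical placeholders.

```python
"""Audit a GET /sites/{site-id}/permissions response against an allowlist."""
import json

# Constructed sample response; IDs and display names are placeholders.
SAMPLE_RESPONSE = json.loads("""
{"value": [
  {"id": "perm-1", "roles": ["write"],
   "grantedToIdentities": [{"application": {"id": "app-ide-0001", "displayName": "IDE Connector"}}]},
  {"id": "perm-2", "roles": ["read", "write"],
   "grantedToIdentities": [{"application": {"id": "app-report-0002", "displayName": "Reporting Job"}}]},
  {"id": "perm-3", "roles": ["write"],
   "grantedToIdentities": [{"application": {"id": "app-unknown-0003", "displayName": "Old Migration Tool"}}]},
  {"id": "perm-4",
   "grantedToIdentities": [{"application": {"id": "app-ide-0001", "displayName": "IDE Connector"}}]}
]}
""")

# Hypothetical allowlist: application (client) ID -> roles it is expected to hold.
EXPECTED = {"app-ide-0001": {"write"}, "app-report-0002": {"read"}}


def audit_site_permissions(response, expected):
    """Return sorted (permission_id, app_id, finding) tuples for grants outside the allowlist."""
    findings = []
    for perm in response.get("value", []):
        roles = perm.get("roles")
        for identity in perm.get("grantedToIdentities", []):
            app = identity.get("application")
            if not app:
                continue  # grant to a user or group, not an application
            app_id = app.get("id", "")
            if app_id not in expected:
                findings.append((perm.get("id", "?"), app_id, "unexpected application"))
            elif roles is None:
                findings.append((perm.get("id", "?"), app_id, "roles not listed"))
            else:
                excess = set(roles) - expected[app_id]
                if excess:
                    findings.append((perm.get("id", "?"), app_id, "excess roles: " + ",".join(sorted(excess))))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit_site_permissions(SAMPLE_RESPONSE, EXPECTED):
        print(*finding, sep=" | ")
```

An entry reported as "roles not listed" needs a follow-up lookup of that permission before it can be judged.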
References
- List applications with permission to SharePoint site: https://learn.microsoft.com/en-us/graph/api/site-list-permissions?view=graph-rest-1.0
- Sites.Selected Permissions what is it, and how do I use it: https://blog.dan-toft.dk/2022/12/sites-selected-permissions/