This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 84%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGF%3C/text%3E%3C/svg%3E)
I am trying to grant read permission to my Azure app for a specific SharePoint site, but I am facing challenges due to permission restrictions.
I have access to the site and can manage its content.
I am also the owner of the Azure app, which means I can configure its settings and permissions within my scope.
However, when I attempt to assign read permission to the app for the site, I am unable to do so because I do not have an admin role in the Azure tenant.
I tried using Microsoft Graph API to grant the required permission, but it explicitly requires an admin role to approve or configure access for an app. Since I do not have this role, I am unable to complete the process.
I am looking for a way to grant site-level read permissions to my Azure app without requiring admin approval or finding an alternative method to achieve this within my current access limitations.
You cannot, this is an admin-level operation. Adding permissions programmatically requires your app to have the Site.FullControl.All scope granted, which can only be done after admin consent. Refer to the documentation for more details: https://learn.microsoft.com/en-us/graph/api/site-post-permissions?view=graph-rest-beta&tabs=http