Share via

Do I always need to enable/re-enable API usage authorization in sharepoint to update web part packages?

Toriyama 291 Reputation points
2022-10-25T09:16:00.227+00:00

I have a sharepoint framework project and in it we use an api developed and maintained in azure.
Every time I update the web part, do I need to activate/release access to use the api or is it just 1 time?
Thanks

Microsoft 365 and Office | SharePoint | Development
0 comments
Answer accepted by question author
  1. Rob Windsor 2,006 Reputation points
    2022-10-28T10:34:07.633+00:00

    If your asking about needed to approve API permission requests in the SharePoint admin portal each time you deploy the package to the SharePoint app catalog, the answer is no. The only time you would need to do so is if you added new permission requests in the config/package-solution.json file in your project.

    255054-image.png

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Tong Zhang_MSFT 9,256 Reputation points
    2022-10-26T02:38:06.74+00:00

    Hi @Toriyama ,

    According to my research, you can refer to the description in the official documentation:

    Considerations
    Following are some considerations that you should take into account when working with web API permissions.

    Request permissions via SharePoint Framework solutions
    At this moment, it's only possible to request additional permissions through a SharePoint Framework solution. The request is started when the solution package (.sppkg) containing a permissions request is deployed in the app catalog. After the request is started, it can be approved or denied by a global or SharePoint administrator.

    Granted permissions apply to all solutions
    Although permissions to Azure AD resources are being requested by a SharePoint Framework solution, once granted, they apply to the whole tenant and can be leveraged by any solution in that tenant.

    Removing solution doesn't revoke permissions
    Removing the solution that initially requested the particular permission doesn't revoke the granted permission. Administrators have to manually revoke permissions granted through SharePoint Framework application requests.

    Revoking previously granted permissions doesn't invalidate issued access tokens
    Revoking previously granted permissions doesn't invalidate access tokens issued to users. Instead, these access tokens remain valid until they expire.

    Permission request doesn't affect solution deployment
    No matter if the administrator denies or approves permissions requested by the solution, the solution can be deployed and used on sites. When building solutions that require additional permissions, you should never assume that the requested permissions have been granted.

    More information for reference: Connect to Azure AD-secured APIs in SharePoint Framework solutions

    Hope it can help you. Thanks for your understanding.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.