Share via

Why does the SharePoint Online Role not appear in my Azure AD SP Token?

Mark Heidl 21 Reputation points
2023-07-08T20:56:19.02+00:00

Hi,

i want to use an Azure AD SP to access my SharePoint Sites and Lists.

I added the Sites.FullControl.All role but when i receive my token, i dont see any roles at all.

User's image

When i add Application Roles for Microsoft Graph, those roles are displayed in the token.

How do i access my SP with SharePoint Roles, so that i can use Microsoft Graph ?

Best regards,

Mark

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
13,059 questions
SharePoint Development
SharePoint Development
SharePoint: A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.Development: The process of researching, productizing, and refining new or existing technologies.
3,297 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,265 questions
0 comments
Accepted answer
  1. Vasil Michev 113.8K Reputation points MVP
    2023-07-09T14:08:16.4+00:00

    Those are different resources (note the value of the "aud" claim in the token you've obtained). If you want to obtain a token that includes the permissions you've granted for the SPO resource, make sure to add the corresponding scope in your token request.

    Do note that the Sites.FullControl.All scope is also available for the standard Microsoft Graph resource, so you might as well add it therein (depending on your use case that is).

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.