Are you trying to authenticate via the application shown on the first screenshot? This will not work, as you need the Sites.FullControl.All for this operation.
Unable to define the sites for an App Registration for SahrePoint with Site.Selected
I have this App registration with Site.Selected:-
now i want to define the sites for the above "Sites.Selected", so i tried the following:-
$siteUrl = "https://
*
.sharepoint.com/sites/integration-prod"
$clientId = "2**0a"
$certThumbprint = "7**EA"
$tenant = "**.onmicrosoft.com"
Connect-PnPOnline -Url $siteUrl -ClientId $clientId -Thumbprint $certThumbprint -Tenant $tenant
$writeperm = Grant-PnPAzureADAppSitePermission -Permissions "Write" -Site $siteUrl -AppId $clientId -DisplayName "SPGPIntegration-Test"
$PermissionId = Get-PnPAzureADAppSitePermission -AppIdentity $clientId
Set-PnPAzureADAppSitePermission -Site $siteurl -PermissionId $(($PermissionId).Id) -Permissions "FullControl"
but i got these errors:-
PS C:\Users\mohan> $writeperm = Grant-PnPAzureADAppSitePermission -Permissions "Write" -Site $siteUrl -AppId $clientId -DisplayName "SPGPIntegration-Test"
Grant-PnPAzureADAppSitePermission: {"error":{"code":"AccessDenied","message":"Either scp or roles claim need to be present in the token.","innerError":{"date":"2024-09-17T14:01:55","request-id":"38072694-80cf-4235-9b4c-3d0335ee72ff","client-request-id":"38072694-80cf-4235-9b4c-3d0335ee72ff"}}}
PS C:\Users\mohan>
PS C:\Users\mohan> $PermissionId = Get-PnPAzureADAppSitePermission -AppIdentity $clientId
Get-PnPAzureADAppSitePermission: Forbidden (403): Either scp or roles claim need to be present in the token.
PS C:\Users\mohan>
PS C:\Users\mohan> Set-PnPAzureADAppSitePermission -Site $siteurl -PermissionId $(($PermissionId).Id) -Permissions "FullControl"
Set-PnPAzureADAppSitePermission: Cannot validate argument on parameter 'PermissionId'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.
any advice on this please?
Thanks