Share via

Recent change on PNP interactive affecting Site.Selected permission granting

Amoz Tan 0 Reputation points
2024-10-11T06:52:32.68+00:00

Hi,

For context, I have been using the site.selected permission in Entra ID to grant read/write access to my SharePoint Online site. The process involved granting the site.selected permission in Entra ID, then using PnP PowerShell with the -Interactive parameter to access the SharePoint site and assign the necessary permissions to the Entra ID app.

With the recent changes to PnP PowerShell's -Interactive parameter, how can I now grant my Entra ID app read/write permissions to the SharePoint site?

Microsoft 365 and Office | SharePoint | For business | Windows
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ling Zhou_MSFT 23,690 Reputation points Microsoft External Staff
    2024-10-14T01:12:01.5233333+00:00

    Hi @Amoz Tan,

    Thank you for posting in this community.

    To grant your Entra ID app read/write permissions to your SharePoint Online site after the recent changes to PnP PowerShell's -Interactive parameter, you can still use the Grant-PnPAzureADAppSitePermission cmdlet. This cmdlet allows you to add permissions for a given Microsoft Entra application registration.

    Here's a general approach you can follow:

    1. Ensure that you have the site.selected permission granted in Entra ID.
    2. Use the Grant-PnPAzureADAppSitePermission cmdlet to assign the necessary permissions. The syntax would look like this:
       Grant-PnPAzureADAppSitePermission -AppId {client-id} -DisplayName {display-name} -Permissions ReadWrite -Site {site-object}

    Replace {client-id}, {display-name}, and {site-object} with your application's client ID, a description for the application, and the site object respectively.

    1. If you need to manage or revoke permissions later, you can use the Set-PnPAzureADAppSitePermission and Revoke-PnPAzureADAppSitePermission cmdlets.

    Make sure to connect to your SharePoint site using Connect-PnPOnline before executing these commands.

    Reference: Granting permissions via PnP PowerShell.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Was this answer helpful?

    1 person found this answer helpful.
  2. Ling Zhou_MSFT 23,690 Reputation points Microsoft External Staff
    2024-10-22T05:42:23.72+00:00

    Hi @Amoz Tan,

    Thank you for your reply.

    Yes, this is the latest update to SharePoint Online. You must register your App ID in Microsoft Entra for PnP PowerShell.

    Please refer this article to create an App and use Connect-PnPOnline.

    PnP PowerShell – AADSTS700016: Application with identifier ‘31359c7f-bd7e-475c-86db-fdb8c937548e’ was not found in the directory

    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link. 

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Was this answer helpful?

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.