Revoke-SPOTenantServicePrincipalPermission
Revokes a permission that was previously granted to the "SharePoint Online Client" service principal
Syntax
Revoke-SPOTenantServicePrincipalPermission
[-ObjectId] <String>
[-Confirm]
[<CommonParameters>] Description
Revokes a permission that was previously granted to the "SharePoint Online Client" service principal.
Examples
------------------EXAMPLE 1------------------
$grants = Get-SPOTenantServicePrincipalPermissionGrants
$grantToRemove = $grants | ? { $_.Resource -eq 'Office 365 SharePoint Online' -and $_.Scope -eq 'MyFiles.Read' } | Select-Object -First 1
if ($grantToRemove -ne $null)
{
Revoke-SPOTenantServicePrincipalPermission -ObjectId $grantToRemove.ObjectId
}Revokes the permission associated with the 'Office 365 SharePoint Online' resource and with scope claim 'MyFiles.Read'. If there is no permission with those properties, then no revoke action will be taken.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | SharePoint Online |
-ObjectId
The Object ID of the permission grant to revoke
| Type: | string |
| Position: | Named |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |