How do I get a Graph API token with higher permission than the user?
I am currently developing a Microsoft Teams tab app using Teams Toolkit.
The users of the app should be able to invite guest users to certain teams and edit some of the users information in AD. This requires higher permission level than the users have.
I have tried to use delegated permission but this limits the permission of the app based on the user's permissions. See https://learn.microsoft.com/en-us/graph/auth/auth-concepts
Is there a way using Teams Toolkit or, as a last resort, some other package to get a Graph API token that will allow the app to perform operations that requires permissions higher that what the user have?
For reference I list below some of the permission the app needs:
"User.ReadBasic.All",
"Sites.ReadWrite.All",
"Domain.ReadWrite.All",
"Directory.ReadWrite.All",
"TeamMember.ReadWrite.All",
"TeamSettings.ReadWrite.All",
Thank you!
Just as Hilton mentioned, you should use "Application" permission for your scenario.
"Application" permission is designed to running from backend, so you can setup a backend web app or Azure Function to do this.
Here are the basic steps:
Go to your AAD app, and add the permission you want
Consent the permission
copy client id and client secret from AAD portal
Follow the steps to get access token https://learn.microsoft.com/en-us/graph/auth-v2-service#4-get-an-access-token
By the way, recommend to use Azure Function features inside Teams Toolkit, which can help you easily setup an Azure Function in you Teams Tab project, then you can write the code inside the Azure Function to call graph api with application permission
- Distinguish between two maximum values in a column with Power Query
- Power Query Conditional JOIN - JOIN with WHERE clause
- Calculate combinations for a range of text values in excel
- How to update a column's values in Power BI M Language
- What's the difference between DAX and Power Query (or M)?
- Sorting issue when consolidating monthly data into a year to date file. Using query, sorting by day, time, and letter
- Power Query `List.Generate` runs too slow
- Custom Colum based on specific dates in powerquery
- How do I properly use table.group in a PowerQuery query to dynamically summarize different rows and columns?
- Excel Power Query syntax issue transform multiple columns of records
- How to capitalize only first letter of a sentence
- Power Query Import For Power BI with group by on SelectRows
- Get data from config table cell when loading data source with power query
- Translate Excel Formula into Power Query
- Counting matching pairs of letters in lists of bigrams in Power Query M
- Bigrams of a string in Power Query M
- Power Query code to refer to another query (and how buffering works)
- M code for the equivalent of of Left (string, len(string)-11)
- How to add a missing column to the Transform Sample File
- How to add or insert ' (single quotes) for every string in a list in which strings are separated by commas in Power Query
- Power BI M code Split column from Lowercase to Uppercase won't include diacritics (accents)
- M Code(Power Query) to Remove Empty columns that runs fast
- How to find the value with date closest to another date
- Error when build AOSP 14 - internal error: undefined variable CTS_TEST_SUITES_DEFAULT
- Call a table using a dynamic identifier
- Problem getting the value from a cell using M in excel
- How to rename columns based on the data within them in Power Query M?
- Power Query return a field name based on parameter
- Power Query: after combining 2 tables got something strange
- Token Literal Expected Error in Power Query M Code using try and List.MatchesAny