Give admin consent via Graph
We need to provide automated access to our Sharepoint sites, so our customers can up/download files from their environment. We are building an internal self-service application for our customer teams that needs to do the following:
- Register an app in Azure (done)
- Give the app Sites.Selected permission (done)
- Grant permission to a customer site (wip, partly done)
- Give the app admin consent (?)
We would like to automate the admin consent part as we have hundreds of customers. I didn't find any reference to that. Also, if I call the https://graph.microsoft.com/v1.0/applications/{appid} endpoint I don't see that there's any consent pending that would give me a clue where to search further.
How can we give consent with graph, without human interaction?
I created an Azure AD Application and added API permissions like below:
How can we give consent with graph, without human interaction?
Note that: One needs to have the Global Administrator, Privileged Role Administrator, or Application Administrator roles in order to grant Admin consent to the API permissions of the Azure AD Application.
Assign any one of the above roles to the Service principal.
Login with the Azure Service Principal and generate access token:
az login --service-principal -u "AppID" -p "ClientSecret" -t "TenantID"
az account get-access-token --resource https://graph.microsoft.com
To grant Admin consent to the Application type permission, check the below:
POST https://graph.microsoft.com/v1.0/servicePrincipals/SPObjID/appRoleAssignedTo
{
"principalId": "SPObjID",
"resourceId": "MicrosoftGraphResourceID",
"appRoleId": "APIpermissionID"
}
The Admin consent granted successfully to the API permission:
To get the values of resourceId and appRoleId of Sites.Selected permission run the below query:
https://graph.microsoft.com/v1.0/servicePrincipals?$filter=displayName eq 'Microsoft Graph'
To grant Admin consent to the Delegated API permission, check the below:
POST https://graph.microsoft.com/v1.0/oauth2PermissionGrants
{
"clientId": "ObjectIDofSP",
"consentType": "AllPrincipals",
"resourceId": "MicrosoftGraphResourceID",
"scope": "User.Read"
}
The Admin consent granted successfully to the API permission:
- Combine rows if the dates exist in another row
- Distinguish between two maximum values in a column with Power Query
- Power Query Conditional JOIN - JOIN with WHERE clause
- Calculate combinations for a range of text values in excel
- How to update a column's values in Power BI M Language
- What's the difference between DAX and Power Query (or M)?
- Sorting issue when consolidating monthly data into a year to date file. Using query, sorting by day, time, and letter
- Power Query `List.Generate` runs too slow
- Custom Colum based on specific dates in powerquery
- How do I properly use table.group in a PowerQuery query to dynamically summarize different rows and columns?
- Excel Power Query syntax issue transform multiple columns of records
- How to capitalize only first letter of a sentence
- Power Query Import For Power BI with group by on SelectRows
- Get data from config table cell when loading data source with power query
- Translate Excel Formula into Power Query
- Counting matching pairs of letters in lists of bigrams in Power Query M
- Bigrams of a string in Power Query M
- Power Query code to refer to another query (and how buffering works)
- M code for the equivalent of of Left (string, len(string)-11)
- How to add a missing column to the Transform Sample File
- How to add or insert ' (single quotes) for every string in a list in which strings are separated by commas in Power Query
- Power BI M code Split column from Lowercase to Uppercase won't include diacritics (accents)
- M Code(Power Query) to Remove Empty columns that runs fast
- How to find the value with date closest to another date
- Error when build AOSP 14 - internal error: undefined variable CTS_TEST_SUITES_DEFAULT
- Call a table using a dynamic identifier
- Problem getting the value from a cell using M in excel
- How to rename columns based on the data within them in Power Query M?
- Power Query return a field name based on parameter
- Power Query: after combining 2 tables got something strange