Skip to main content

App sites.selected permission

The Entra ID App requires Sites.Selected permission to grant access to the related SharePoint site collection. This section documents steps to assign the permission.

Before you start

Prerequisite stages

Confirm the following stages have been completed:

Parameters

The following values from the parameters workbook are required:

  • {Pnp-App-ClientId}
  • {SharePoint-Site-Url}
  • {Entra-App-ClientId}

Permission required

Use an account with the following permissions:

  • Global Administrator

App Sites.Selected permission

Run following PowerShell script to configure Sites.Selected permission.

note

IMPORTANT: Variables at top of script must be updated before proceeding.

  • $PnpAppClientId: populate with {Pnp-App-ClientId}
  • $SharePointSiteUrl : populate with {SharePoint-Site-Url} for the instance
  • $EntraAppClientId : populate with {Entra-App-ClientId} for the instance
  • $DisplayName: populate with a Description e.g. "Pro-Sapien UAT"

$PnpAppClientId= ""
$SharePointSiteUrl = ""
$EntraAppClientId = ""
$DisplayName = ""

## Connect to SharePoint Site
Connect-PnPOnline -Url $SharePointSiteUrl -ClientId $PnpAppClientId -Interactive

## Grant App Registration FullControl permission on the SharePoint site
$response = Grant-PnPAzureADAppSitePermission -AppId $EntraAppClientId -DisplayName $DisplayName -Site $SharePointSiteUrl -Permissions Write
Set-PnPAzureADAppSitePermission -PermissionId $response.Id -Site $SharePointSiteUrl -Permissions FullControl