search

SharePoint / sp-dev-docs

SharePoint & Viva Connections Developer Documentation
https://docs.microsoft.com/en-us/sharepoint/dev/
Creative Commons Attribution 4.0 International
1.24k stars 1.01k forks source link

Unable to approve a SPFx app permission request with PnP Powershell #9633

Open mmohapatra-muhimbi opened 5 months ago

mmohapatra-muhimbi commented 5 months ago

What type of issue is this?

Question

What SharePoint development model, framework, SDK or API is this about?

💥 SharePoint Framework

Target SharePoint environment

SharePoint Online

What browser(s) / client(s) have you tested

Additional environment details

SPFx version 1.18.2 Node 18.9.0 Powershell: 7.4.1 PnP.PowerShell 2.4.33

Issue description

We have some webApiPermissionRequests defined in spfx package-solution json file 

"webApiPermissionRequests": [
      {
        "resource": "Azure AD app name",
        "scope": "user_impersonation"
      },
      {
        "resource": "Microsoft Graph",
        "scope": "User.Read, AllSites.FullControl"
      }
    ]
In PowerShell I am trying to approve these permission requests using
$permissionRequests = Get-PnPTenantServicePrincipalPermissionRequests
    foreach ($req in $permissionRequests)
        {
            if ($req.PackageName -eq "$muhimbiPackageName")
            {
                Write-Host "Granting permissions $($req.Name) $($req.Scope)"

                Approve-PnPTenantServicePrincipalPermissionRequest -RequestId $req.Id -Force -ErrorAction SilentlyContinue -ErrorVariable approveRequestError -OutVariable approveRequestResult | Out-Null

                if (![String]::IsNullOrWhiteSpace($approveRequestError) -And -Not($approveRequestError -imatch "already exists"))
                {
                    Write-Host "approveRequestError: $approveRequestError"
                    $grantedAllPermissions = $false;
                    Write-Host "Failed" -ForegroundColor Red
                }
                else
                {
                    Write-Host "Success" -ForegroundColor Green
                }

                Write-Host ""
            }
        }

But I am getting below error: approveRequestError: The service principal for permssion request {SPFX_App_Name} could not be found.

Please note there is a typo in "permssion"

Script was working fine few days ago but started giving error recently

I tried the SP online powershell as well Get-SPOTenantServicePrincipalPermissionRequests and Approve-SPOTenantServicePrincipalPermissionRequest getting same error

Tried Enable-SPOTenantServicePrincipal it gives us "Unknown Error"

I checked below service principal exists:

  1. "SharePoint Online Client Extensibility Web Application Principal"
  2. "GraphAggregatorService" or "Microsoft Graph"

  3. Azure AD app created by us

    Manually approving the permission works just fine

tomaszoida commented 3 months ago

Any updates on this issue? We are having the same problem recently.

marcus-atvero commented 2 months ago

Just a +1 also having the same issue, which is a double pain as the web gui also doesn't work (with an MSAL iframe error)