search

pnp / powershell

PnP PowerShell
https://pnp.github.io/powershell
MIT License
669 stars 344 forks source link

[BUG] Issue with Grant-PnPAzureADAppSitePermission #4318

Closed verkes closed 1 week ago

verkes commented 1 week ago

Reporting an Issue or Missing Feature

I am unable to set permissions on SharePoint sub sites. The app registration has the Sites.Selected permission in Azure AD, as well as Microsoft Graph API has Sites.FullControl.All for the PnP App. I am a GA.

Expected behavior

I want to grant write permissions to the Azure app.

Actual behavior

I am able to grant write permissions to the root site collection (https://mytenant.sharepoint.com), however I receive an access denied error for any sub sites. Connect-PnPOnline successfully authenticates my account, Grant-PnPAzureADAppSitePermission gives me the following error:

Grant-PnPAzureADAppSitePermission: {"error":{"code":"accessDenied","message":"Access denied","innerError":{"date":"2024-09-19T09:37:07","request-id":"xxx-xxx-xxx","client-request-id":"xxx-xxx-xxx"}}}

Steps to reproduce behavior

Connect-PnPOnline -Url "https://mytenant.sharepoint.com/sites/test" -Interactive -ClientId "_my pnp app ID_"

Grant-PnPAzureADAppSitePermission -AppId "_my azure app ID_" -DisplayName "AzureApp" -Permissions write -Site "https://mytenant.sharepoint.com/sites/test"

What is the version of the Cmdlet module you are running?

PnP.Powershell

ModuleType Version    PreRelease Name                                PSEdition ExportedCommands
---------- -------    ---------- ----                                --------- ----------------
Manifest   2.12.0                PnP.PowerShell                      Core      {Add-PnPAdaptiveScopeProperty, Add-PnPE…

Powershell

Name                           Value
----                           -----
PSVersion                      7.4.5
PSEdition                      Core
GitCommitId                    7.4.5
OS                             Microsoft Windows 10.0.14393
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Which operating system/environment are you running PnP PowerShell on?

jackpoz commented 1 week ago

Are you site collection administrator on the "https://mytenant.sharepoint.com/sites/test" site ?

verkes commented 1 week ago

Are you site collection administrator on the "https://mytenant.sharepoint.com/sites/test" site ?

Ah I'm not, just on the root site. Thank you