Table of Contents

Basic settings

Let’s suppose we have 2 sites in Sharepoint suggestively named "permission granted" and "permission denied". 2 initial SharePoint sites

We will now create two applications in the Microsoft Entra admin center, named AdminApp and App1. We want AdminApp to have access to everything, while App1 will have access to site "permission granted" only. The 2 apps

We set Sites.FullControl.All access rights for AdminApp: AdminApp access rights

We set Sites.Selected access rights for App1: App1 access rights

Granting access for App1 to a specific SharePoint site

  1. First we need to create a new HTTP request to generate an access token for AdminApp: a. Set Request method, Request URL and Request header HTTP request for AdminApp b. Enter settings for the body of the request HTTP request 1 - body settings c. Send request – an access token for AdminApp is generated Generated token

  2. Copy the siteID of our SharePoint site named "permission granted": Target Site ID

  3. Create new HTTP request to grant access for App1 to SharePoint site named "permission granted": a. Set Request method, Request URL and Request header HTTP request for App1 b. Enter settings for the body of the request HTTP request 2 - body settings c. Enter authorization settings – insert the access token obtained from the previous request Authorization settings d. Send request - access for App1 to the SharePoint "permission granted" site is ready Authorization settings