Set-SPOApplicationPermission
Manages permissions for a guest application to access a SharePoint Embedded application.
Syntax
Default (Default)
Set-SPOApplicationPermission
[-OwningApplicationId] <Guid>
[-GuestApplicationId] <Guid>
[-PermissionAppOnly] <String[]>
[[-PermissionDelegated] <String[]>]
[<CommonParameters>]
Description
The Set-SPOApplicationPermission cmdlet manages permissions for a guest application's access to a SharePoint Embedded application. This includes adding, updating, and deleting guest application permissions. A guest application is defined as any application within the enterprise applications of the owning tenant.
You must be a SharePoint Administrator to run this cmdlet. For permissions and the most current information about Windows PowerShell for SharePoint Online, see the online documentation at Intro to SharePoint Online Management Shell.
Note
Only app-only permissions are supported for guest applications accessing SharePoint Embedded applications. Delegated permissions are not supported and are default set to None.
Examples
Example 1
Set-SPOApplicationPermission -OwningApplicationId a187e399-0c36-4b98-8f04-1edc167a0996 -ApplicationId 12345678-1234-1234-abcd-abcdefghijkl -PermissionAppOnly Read, Write
Example 1 gives the guest application with ID 12345678-1234-1234-abcd-abcdefghijkl app-only Read, Write permissions to access the owning application Microsoft Loop of ID a187e399-0c36-4b98-8f04-1edc167a0996.
Example 2
Set-SPOApplicationPermission -OwningApplicationId 5e2795e3-ce8c-4cfb-b302-35fe5cd01597 -ApplicationId 12345678-1234-1234-abcd-abcdefghijkl -PermissionAppOnly ReadContent, WriteContent -PermissionDelegated None
Example 2 gives the guest application with ID 12345678-1234-1234-abcd-abcdefghijkl app-only ReadContent, WriteContent permissions to access the owning application Microsoft Designer of ID a187e399-0c36-4b98-8f04-1edc167a0996.
Example 3
Set-SPOApplicationPermission -OwningApplicationId 5e2795e3-ce8c-4cfb-b302-35fe5cd01597 -ApplicationId 12345678-1234-1234-abcd-abcdefghijkl -PermissionAppOnly None -PermissionDelegated None
Example 3 sets guest application permissions to None for the guest application with ID 12345678-1234-1234-abcd-abcdefghijkl. This has deleted previous permissions for that guest application to access owning application of a187e399-0c36-4b98-8f04-1edc167a0996.
Parameters
-ApplicationId
Applicable: SharePoint
Use this parameter to specify the guest application ID. A guest application is any application within the tenant's enterprise applications.
Parameter properties
| Type: | System.Guid |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 1 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-OwningApplicationId
Applicable: SharePoint
Use this parameter to specify the Owning Application where guest application access is granted.
Parameter properties
| Type: | System.Guid |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 0 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-PermissionAppOnly
Applicable: SharePoint
Use this parameter to specify the app-only permissions of the guest application.
Parameter properties
| Type: | System.String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 2 |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-PermissionDelegated
Applicable: SharePoint
This parameter specifies delegated permissions which are not supported for guest applications at this time.
Parameter properties
| Type: | System.String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | 3 |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.