Last updated
Was this helpful?
Last updated
Was this helpful?
Grant Azure Application Permission for a Specific SharePoint Site
To ensure proper integration and access, follow the steps below to grant the Sites.Selected permission to your Azure AD application using the Microsoft Graph API.
Visit the Microsoft Graph Explorer:
Sign in using your Microsoft account to proceed.
Use the following API request to get the Site ID of your target SharePoint site:
GET https://graph.microsoft.com/v1.0/sites/{tenant-name}.sharepoint.com:/sites/{site-name}
In the example shown, the site URL is visible and can be referenced from the browser's address bar.
Once the query is run, it returns the Site ID in the response. If the query does not return a response, click on Modify Permissions in Graph Explorer and allow the required access. This access is requested by Microsoft and is safe to grant.
After the permissions are granted, run the query again. The response will contain the Site ID, which you can copy for use in the next step.
Once you have the Site ID, use the following API with the POST method to grant permissions:
POST https://graph.microsoft.com/v1.0/sites/{site-id}/permissions
In the request body, include the JSON payload with the roles and application details.
Example:
If an error occurs after submitting the request, click on Modify Permissions again and grant the permissions requested by Graph Explorer.
Once the necessary permissions are granted, re-run the query. It should return a response confirming the permission assignment.
After successful execution, you will receive a response like the following:
After the permission has been successfully granted, log out of Graph Explorer and try to authenticate the SharePoint connector. The connector should now be successfully authenticated.
If you receive an error after executing this request, it usually means additional permission consent is required. Click on "Modify permissions" in Graph Explorer and grant the permissions requested.
Once the permission is granted successfully, the response will confirm it.
After successfully granting permissions:
Log out from Graph Explorer.
Re-authenticate the SharePoint connector in SharePoint Security Tool.
It should now be authenticated successfully.
In this case, the example API with the Site ID looks like:| POST
