SharePoint online Apps are not getting trusted with app only policy even with SharePoint Global Admin
Question
-
Hi All,
I have a Global Admin privilege for SharePoint online and I am trying to create the app with the below “Permission Request XML” and I am getting the error "Sorry, only tenant administrators can add or give access to this app", I am facing this issue since from yesterday and earlier I was having able to trust the apps.
<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
<AppPermissionRequest
Scope="http://sharepoint/taxonomy"
Right="Write" />
<AppPermissionRequest
Scope="http://sharepoint/content/sitecollection"
Right="FullControl" />
</AppPermissionRequests>
Apart from creating the new app the existing app having same app permission has above was working till these days and stopped working now and giving exception in the below line which we were using to update the user profile values.
SetSingleValueProfileProperty("i:0#.f|membership|myemailid@xyz.com", "LastName", "Anystringvalue");
I am assuming both issue are correlated, and facing same issue in my local tenant also.
In many of the other MSDN this been asked but many of the workaround wont workout for me as its SharePoint online.
Please suggest.
Thanks,
Shiva
Answers
-
There was an update recently on how the add-ins are installed. For all the add ins with app only tenant admin permissions, tenant admin have to approve for the use of apps during installation.
Here are the steps on how the process flow is.
1 Add add-in with app only tenant admin permissions, to app catalog.
2.Go the site contents in the site where you want to use the add-in.
3.Click on add-in to install, it will display a message "You can't add app here"" Find out why".
4.Click on "Find out why". It will take navigate to the Add in approval request page. Click on "Request Approval".
5.The app approval request goes to tenant admin who has to approve the app installation. Tenant admin has to browse to app catalog and check the app requests pending for approval.
6.Click on the app in "App Requests" list, tenant admin should be able to approve the app.
7.Now go back to the site contents of the site where the add-in to be installed. and click on the ad-in, you should now be able to trust the app to install.
The request approval flow applies to tenant admin if he want to install an app in any site. Tenant admin request approval in the site and then go to the app catalogue to approve the app request, then only he would be able to get back to site contents and install the app.
aravinda
- Marked as answer by Shivasharanappah Tuesday, October 4, 2016 9:07 AM
All replies
-
There was an update recently on how the add-ins are installed. For all the add ins with app only tenant admin permissions, tenant admin have to approve for the use of apps during installation.
Here are the steps on how the process flow is.
1 Add add-in with app only tenant admin permissions, to app catalog.
2.Go the site contents in the site where you want to use the add-in.
3.Click on add-in to install, it will display a message "You can't add app here"" Find out why".
4.Click on "Find out why". It will take navigate to the Add in approval request page. Click on "Request Approval".
5.The app approval request goes to tenant admin who has to approve the app installation. Tenant admin has to browse to app catalog and check the app requests pending for approval.
6.Click on the app in "App Requests" list, tenant admin should be able to approve the app.
7.Now go back to the site contents of the site where the add-in to be installed. and click on the ad-in, you should now be able to trust the app to install.
The request approval flow applies to tenant admin if he want to install an app in any site. Tenant admin request approval in the site and then go to the app catalogue to approve the app request, then only he would be able to get back to site contents and install the app.
aravinda
- Marked as answer by Shivasharanappah Tuesday, October 4, 2016 9:07 AM
