Microsoft retires ACS Let me quote Microsoft just to start (Dec 18, 2023): So, for new development it is strictly recommended to use Azure Registered Apps to access Microsoft 365 resources programmatically. You still need ACS in some cases But, as always, it all is not so simple, as Hopefully, Microsoft will resolve all the […]
Microsoft announced retirement for SharePoint Add-Ins and ASC-based app permissions (SharePoint app-only principals). Let me summarize here: Timeline Known key retirement milestone dates: (*) SPFx based solutions will continue to be available, Installation from a private app catalog stays possible(**) regardless of their origin (public marketplace, private tenant catalog) So timeline is generous, and we […]
Scenario You administer Microsoft 365 SharePoint Online. Part of your daily activities is providing Microsoft Graph and SharePoint Sites.Selected API permissions to other users (developers). In Aug/Sep 2023 Microsoft pushed an update that prevents site collection admins to create or update an Azure Access Control (ACS) principal (that was the way most of developers used […]
Scenario You are trying to register an application at SharePoint site with appregnew.aspx page and you are getting an error or notification message “Your SharePoint tenant admin doesn’t allow site collection admins to create an Azure Access Control (ACS) principal“. Or you are trying to provide ACS-based permissions for an application to SharePoint site with […]
Sites.Selected permissions are required for the non-interactive applications to get access to a specific SharePoint site using Microsoft Graph API and/or SharePoint API.(Since Microsoft announced EOL of SharePoint App-only service principals, Sites.Selected is the only option going forward). Below are Brief overview of Sites.Selected Historically, we utilized so called SharePoint app-only service principals to get […]
There are well-known SharePoint app-only service principals and ACS-based permissions. It is kind of old-school way – introduced as part of Add-Ins for SharePoint 2013 – to get unattended access to SharePoint site (application access, i.e. access without user presence). Such apps are called daemon apps or service apps or background jobs etc… Microsoft announced […]