{"id":42,"date":"2023-07-16T13:47:00","date_gmt":"2023-07-16T13:47:00","guid":{"rendered":"https:\/\/kb.ctse.nl\/?page_id=42"},"modified":"2024-01-20T23:28:27","modified_gmt":"2024-01-20T23:28:27","slug":"powerdoc-installation-create-2-appregistrations","status":"publish","type":"page","link":"https:\/\/kb.ctse.nl\/?page_id=42","title":{"rendered":"PowerDoc Installation: AppRegistration"},"content":{"rendered":"\n

Azure App registration<\/strong><\/h2>\n\n\n\n

1) In the Azure-portal create a new appregistration<\/p>\n\n\n\n

Name: PowerDoc<\/p>\n\n\n\n

Platform: SPA (single page application)<\/p>\n\n\n\n

Redirect-url: set here the url of the PowerApps-environment, for example: https:\/\/contoso.crm4.dynamics.com<\/p>\n\n\n\n

Api-permissions:<\/p>\n\n\n\n

Api<\/strong><\/td>Type<\/strong><\/td>Permission<\/strong><\/td><\/tr>
Microsoft Graph<\/td>Delegated<\/td>Files.ReadWrite.All<\/td><\/tr>
Sites.Read.All<\/td><\/tr>
User.Read<\/td><\/tr>
Application<\/td>Sites.Selected<\/td><\/tr>
Power Automate<\/td>Delegated<\/td>Flows.Read.All<\/td><\/tr>
User<\/td><\/tr>
PowerApps Service<\/td>Delegated<\/td>User<\/td><\/tr>
Sharepoint<\/td>Application<\/td>Sites.Selected<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

NB: after adding the permissions, click on the button “Grant admin consent for…”<\/p>\n\n\n\n

2) Under \u201cAuthentication\u201d you can set more redirect-urls for the other environments, for example:<\/p>\n

https:\/\/contoso-dev.crm4.dynamics.com
\nhttps:\/\/contoso-acc.crm4.dynamics.com
\nhttps:\/\/contoso.crm4.dynamics.com<\/p><\/p>\n\n\n\n

<\/p>\n\n\n\n

NB: Don\u2019t forget to save when you\u2019re done!<\/p>\n\n\n\n

3) Collect the client-id of the appregistration, you can find this in the appregistration at \u201cOverview\u201d and then the value of \u201cApplication (client) ID\u201d.<\/p>\n\n\n\n

4) Secret: create a never ending secret by this PowerShell-command (replace xxxx-xxxx-xxxx-xxxx-xxxx by the object-id<\/u><\/em> of the appregistration):<\/p>\n\n\n\n

Install-Module AzureAD -Force\nConnect-AzureAD\n$appObjectId = \"xxxx-xxxx-xxxx-xxxx-xxxx\"\n$startDate = Get-Date\n$endDate = $startDate.AddYears(98)\n$aadAppsecret01 = New-AzureADApplicationPasswordCredential -ObjectId $appObjectId -StartDate $startDate -EndDate $endDate\nWrite-Output $aadAppsecret01<\/code><\/pre>\n\n\n\n
NB: Collect the generated secret from the output.<\/p>\n\n\n\n
5) Set site-permissions for app via PowerShell (replace {host} and {sitename} by valid values and replace the yyyy-yyyy-yyyy-yyyy-yyyy value by the client-id<\/u><\/em> of the appregistration):<\/p>\n\n\n\n
Install-Module -Name PnP.PowerShell\n$siteUrl=\"https:\/\/{host}.sharepoint.com\/sites\/{sitename}\"\n$clientId=\"yyyy-yyyy-yyyy-yyyy-yyyy\"\n$appName=\"PowerDocs S2S\"\nConnect-PnPOnline $siteUrl -Interactive\nGrant-PnPAzureADAppSitePermission -AppId $clientId -DisplayName $appName -Site $siteUrl -Permissions Write\nSet-PnPTenant -DisableCustomAppAuthentication $false<\/code><\/pre>\n\n\n\n
6) After this go in your browser to this address (replace {host} and {sitename} by valid values):<\/p>\n\n\n\n
App-Id: search on the client-id<\/u><\/em> of the appregistration<\/p>\n\n\n\n
Title: will be filled automatically<\/p>\n\n\n\n
App-domain: localhost<\/p>\n\n\n\n
Redirect-url: https:\/\/localhost<\/p>\n\n\n\n
Xml:<\/p>\n\n\n\n
<AppPermissionRequests AllowAppOnlyPolicy=\"true\">\n  <AppPermissionRequest Scope=\"http:\/\/sharepoint\/content\/sitecollection\" Right=\"FullControl\" \/>\n<\/AppPermissionRequests><\/code><\/pre>\n\n\n\n
Click on the button \u201cCreate\u201d and after that on the button \u201cTrust it\u201d.<\/p>\n\n\n\n
Go to next step ><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Azure App registration 1) In the Azure-portal create a new appregistration Name: PowerDoc Platform: SPA (single page application) Redirect-url: set here the url of the PowerApps-environment, for example: https:\/\/contoso.crm4.dynamics.com Api-permissions: Api Type Permission Microsoft Graph Delegated Files.ReadWrite.All Sites.Read.All User.Read Application Sites.Selected Power Automate Delegated Flows.Read.All User PowerApps Service Delegated User Sharepoint Application Sites.Selected NB: after […]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":38,"menu_order":2,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-42","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/kb.ctse.nl\/index.php?rest_route=\/wp\/v2\/pages\/42","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kb.ctse.nl\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/kb.ctse.nl\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/kb.ctse.nl\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kb.ctse.nl\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=42"}],"version-history":[{"count":16,"href":"https:\/\/kb.ctse.nl\/index.php?rest_route=\/wp\/v2\/pages\/42\/revisions"}],"predecessor-version":[{"id":304,"href":"https:\/\/kb.ctse.nl\/index.php?rest_route=\/wp\/v2\/pages\/42\/revisions\/304"}],"up":[{"embeddable":true,"href":"https:\/\/kb.ctse.nl\/index.php?rest_route=\/wp\/v2\/pages\/38"}],"wp:attachment":[{"href":"https:\/\/kb.ctse.nl\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=42"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}