Step 3: Set-up API Permissions in Azure

API Permissions

Go to API-permissions in Azure => click add permission => Choose SharePoint

First select ‘Delegated permissions’. Use the search bar to quickly navigate to the options below

Select following three options:

1. AllSites.Write
2. Sites.Search.All
3. Termstore.ReadWrite.All

After selecting the options, click “add permissions”.

Note that The Write permission is more like a standard Contribute permission in a SharePoint site i.e. you can add content to libraries but not create any new libraries or make changes to the structure of existing libraries.

Note: You also have FullControl permission to be able to do everything in the site i.e. create, read, update and delete but for 24Files this FullControl permission is not required.

Once this write permission is granted on tenant-level,  only users who have the required rights (cfr oAuth) to access and upload data to that library can contribute. In other words, even with Write rights on tenant level only users who have permissions to upload data can perform these activities.

Microsoft Graph Permissions

Next, we will configure Microsoft Graph permissions.

Configuring Graph Permissions

Go to API-permissions in Azure => click add permission => Microsoft Graph.

First select ‘Delegated permissions’. Use the search bar to quickly navigate to the options below.

Select following options:

• Offline access

• Open ID

After selecting the two options, click “update permissions”.

Grant admin consent

Click “Grant admin consent for {your_company}” next to “Add a permission”.

After you granted the permissions as described above, your granted permissions should look as follows: