-
Notifications
You must be signed in to change notification settings - Fork 0
/
set_sharepoint_perm.ps1
46 lines (40 loc) · 1.38 KB
/
set_sharepoint_perm.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
##############################################
# THIS SCRIPT REQUIRES Sites.FullControl.All #
##############################################
$tenantId = ""
$clientId = ""
$clientSecret = ""
$clientDisplayName = "Test Application"
# Set the SharePoint site URL and file path
$siteUrl = "https://XXXX.sharepoint.com/sites/MSFT"
$sharepointID = ""
# Get an access token for the Microsoft Graph API
$body = @{
client_id = $clientId
client_secret = $clientSecret
scope = "https://graph.microsoft.com/.default"
grant_type = "client_credentials"
}
$tokenUrl = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token"
$tokenResponse = Invoke-RestMethod -Method Post -Uri $tokenUrl -Body $body
$accessToken = $tokenResponse.access_token
# Use the access token to access the Microsoft Graph API
$headers = @{
"Authorization" = "Bearer $accessToken"
"Content-Type" = "application/json"
}
# Define permissions to set
$perms = @{
roles = @("write")
grantedToIdentities = @(
@{
application = @{
id = $clientId
displayName = $clientDisplayName
}
}
)
} | ConvertTo-Json -depth 10
# Set permissions for the site
$permsEndpoint = "https://graph.microsoft.com/v1.0/sites/$sharepointID/permissions/"
Invoke-RestMethod -Method Post -Uri $permsEndpoint -Headers $headers -Body $perms | ConvertTo-Json -depth 10