Set-SPAppPrincipalPermission

Sets the permissions on a given app principal.

Syntax

Set-SPAppPrincipalPermission
   -AppPrincipal <SPAppPrincipal>
   -Right <SPCmdletAppPrincipalPermissionKind>
   -Scope <SPCmdletAppPrincipalPermissionScope>
   -Site <SPWebPipeBind>
   [-AssignmentCollection <SPAssignmentCollection>]
   [-Confirm]
   [-WhatIf]
   [-EnableAppOnlyPolicy]
   [<CommonParameters>]

Description

Use the Set-SPAppPrincipalPermission cmdlet to set the permissions on a given app principal for a given scope (tenant, site collection, and web) and given levels (Read, Write, Manage, Full Control).

For permissions and the most current information about Windows PowerShell for SharePoint Products, see the online documentation at SharePoint Server Cmdlets.

Examples

---------------EXAMPLE-------------

$clientID = "11111111-2222-3333-4444-555555555555"
$site = Get-SPSite https://siteUrl
$realm = Get-SPAuthenticationRealm -ServiceContext $site
$appIdentifier = $clientID + "@" + $realm
$appPrincipal = Get-SPAppPrincipal -NameIdentifier $appIdentifier -Site $site.RootWeb
Set-AppPrincipalPermission -AppPrincipal $appPrincipal -Site $site.RootWeb -Scope Site -Level Manage

This example sets the App Principal permission to Manage with a scope of Site.

Parameters

-AppPrincipal

Specifies the AppPrincipal object.

Type:SPAppPrincipal
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False
Applies to:SharePoint Server Subscription Edition

-AssignmentCollection

Manages objects for the purpose of proper disposal. Use of objects, such as SPWeb or SPSite, can use large amounts of memory and use of these objects in Windows PowerShell scripts requires proper memory management. Using the SPAssignment object, you can assign objects to a variable and dispose of the objects after they are needed to free up memory. When SPWeb, SPSite, or SPSiteAdministration objects are used, the objects are automatically disposed of if an assignment collection or the Global parameter is not used.

When the Global parameter is used, all objects are contained in the global store. If objects are not immediately used, or disposed of by using the Stop-SPAssignment command, an out-of-memory scenario can occur.

Type:SPAssignmentCollection
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False
Applies to:SharePoint Server Subscription Edition

-Confirm

Prompts you for confirmation before executing the command. For more information, type the following command: get-help about_commonparameters

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:SharePoint Server Subscription Edition

-EnableAppOnlyPolicy

Specifies if the app only policy is turned on for the app principal.

The valid values are True and False. The default value is False.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:SharePoint Server Subscription Edition

-Right

Specifies the permission level for the principal object.

The value is any of the following levels:

--Read

--Write

--Manage

--Full Control

Type:SPCmdletAppPrincipalPermissionKind
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False
Applies to:SharePoint Server Subscription Edition

-Scope

Specifies the scope to which to apply the principal permission.

The value is any of the following scopes:

--Site

--SiteCollection

--SiteSubscription

Type:SPCmdletAppPrincipalPermissionScope
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False
Applies to:SharePoint Server Subscription Edition

-Site

Specifies the site (that is, SPWeb object) that the AppPrincipalPermission is being set.a

Type:SPWebPipeBind
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False
Applies to:SharePoint Server Subscription Edition

-WhatIf

Displays a message that describes the effect of the command instead of executing the command. For more information, type the following command: get-help about_commonparameters

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False
Applies to:SharePoint Server Subscription Edition