ScottMonolith/gist:5ce7e5c8c45bff86149b99a16f44e1d2

## gistfile1.txt
How-to connect to MS Graph using a SP - for reference

# Create self-signed cert for MS Graph Auth
$pass = "securepass"
$DnsName = "host.fqdn.local"
$FilePath = "c:\temp\azureadauth_cert.pfx"
$OutFile = "c:\temp\azureadauth_cert_base64.crt"
$thumb = (New-SelfSignedCertificate -DnsName $DnsName -CertStoreLocation "cert:\LocalMachine\My"  -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddMonths(24)).Thumbprint
$pass = ConvertTo-SecureString -String $pass -Force -AsPlainText
Export-PfxCertificate -cert "cert:\localmachine\my\$thumb" -FilePath $FilePath -Password $pass

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate($FilePath, $pass)
$keyValue = [System.Convert]::ToBase64String($cert.GetRawCertData()) | Out-File $OutFile

Create AzureAD App Registration, name it, select a platform, "Web" (seems you don't need to select a platform anymore).  Then after registering, 'Manage' --> 'API Permissions' and define what is needed.  This script required:
Sharepoint --> Application Permissions --> Sites.Selected
Sharepoint --> Application Permissions --> User.Read.All

(Put-DCSLogs is the app registration) and upload certificate

Give permission for above SP - add Sites.Selected permission, then run Grant-PnPAzureADAppSitePermission per below.

Sites.Selected https://blog.dan-toft.dk/2022/12/sites-selected-permissions/
$applicationId = "2c306133-8070-4207-bb14-cbdf0ddde9d0"
$SiteURL = "https://contoso.sharepoint.com/sites/Plant_Ops"
connect-pnponline -Url https://contoso-admin.sharepoint.com -ClientId 6fb25488-b491-48cb-9274-2f640f4efa37 -interactive
Grant-PnPAzureADAppSitePermission -Permissions "Write" -Site $siteUrl -AppId $applicationId -DisplayName "Put-DCSLogs"

Upload folder to SP Online: https://www.sharepointdiary.com/2018/01/upload-folder-to-sharepoint-online-using-powershell.html
Grant access using AzureAD app-only: https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread
	How-to connect to MS Graph using a SP - for reference

	# Create self-signed cert for MS Graph Auth
	$pass = "securepass"
	$DnsName = "host.fqdn.local"
	$FilePath = "c:\temp\azureadauth_cert.pfx"
	$OutFile = "c:\temp\azureadauth_cert_base64.crt"
	$thumb = (New-SelfSignedCertificate -DnsName $DnsName -CertStoreLocation "cert:\LocalMachine\My" -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddMonths(24)).Thumbprint
	$pass = ConvertTo-SecureString -String $pass -Force -AsPlainText
	Export-PfxCertificate -cert "cert:\localmachine\my\$thumb" -FilePath $FilePath -Password $pass

	$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate($FilePath, $pass)
	$keyValue = [System.Convert]::ToBase64String($cert.GetRawCertData()) \| Out-File $OutFile

	Create AzureAD App Registration, name it, select a platform, "Web" (seems you don't need to select a platform anymore). Then after registering, 'Manage' --> 'API Permissions' and define what is needed. This script required:
	Sharepoint --> Application Permissions --> Sites.Selected
	Sharepoint --> Application Permissions --> User.Read.All

	(Put-DCSLogs is the app registration) and upload certificate

	Give permission for above SP - add Sites.Selected permission, then run Grant-PnPAzureADAppSitePermission per below.

	Sites.Selected https://blog.dan-toft.dk/2022/12/sites-selected-permissions/
	$applicationId = "2c306133-8070-4207-bb14-cbdf0ddde9d0"
	$SiteURL = "https://contoso.sharepoint.com/sites/Plant_Ops"
	connect-pnponline -Url https://contoso-admin.sharepoint.com -ClientId 6fb25488-b491-48cb-9274-2f640f4efa37 -interactive
	Grant-PnPAzureADAppSitePermission -Permissions "Write" -Site $siteUrl -AppId $applicationId -DisplayName "Put-DCSLogs"

	Upload folder to SP Online: https://www.sharepointdiary.com/2018/01/upload-folder-to-sharepoint-online-using-powershell.html
	Grant access using AzureAD app-only: https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread
No results found