Set the permissions of the Microsoft 365 application for Token Vault

  1. Select API permissions in the menu on the left.
  2. In the panel on the right click the Add a permission button to configure permissions for the application.
  3. Add those permissions only that are required.
    Different usage scenarios and components require different permissions. Add those permissions only that are required. To set up permissions for SharePoint online workflows, do the following:
    1. Select the SharePoint option under the Commonly used Microsoft APIs group on the Request API permissions page.
    2. Select Delegated permissions.
    3. Locate the AllSites permission group and select the AllSites.Write checkbox.
    4. Locate TermStore permission group and select the TermStore.Read.All checkbox to allow the application to read data of managed metadata.
      This permission is required if Managed metadata columns are configured and used in your SharePoint Online tenant. For this permission admin consent is required.
    5. Click the Add permissions button.
      There is a delay between permissions being configured and when they appear on the consent prompt.
    6. If you select TermStore.Read.All permission, and permissions are configured and appeared on the consent prompt, click on the Grant admin consent for … button to allow this app to read managed metadata.