AutoStoreRoute ComponentsSharePoint GraphConfiguring Modern Authentication / OAuth2Set the permissions of the Microsoft 365 application for Token Vault

Set the permissions of the Microsoft 365 application for Token Vault

  1. Click on API permission on left and select Add permission.
  2. Choose Microsoft Graph and based on your connection method - Application on Delegation – select the permission type.
    If you are using both of them, you need to add Delegated and Application permissions as well.
  3. If you use Application mode, click on Application permission.
    Application mode means TokenVault is not used.
    1. Select the following permissions:
      • Files > Files.Read.Write.All: read and upload files.
      • Sites > Sites.ReadWrite.All: read sites on General Tab > Sites section and write and upload List items.
      • Group > Group.Read.All: read groups. You can verify this permission on the Documents tab by clicking Permission > Add > Type > Group > Browse.
      • User > User.Read.All: read users. You can verify this permission on the Documents tab by clicking Permission > Add > Type > Group > Browse.
    2. Grant admin consent for the selected permissions.
  4. If you use Delegated mode, click on Delegated.
    Application mode means TokenVault is not used.
    1. Add the following permissions:
      • Files > Files.Read.Write.All: read and upload files.
      • Sites > Sites.FullControll.All: read sites and write/upload List items.
      • Group > Group.Read.All: read groups. You can verify this permission on the Documents tab by clicking Permission > Add > Type > Group > Browse.
      • User > User.Read.All: read users. You can verify this permission on the Documents tab by clicking Permission > Add > Type > Group > Browse.
    2. Grant admin consent for the selected permissions.