|
1 | 1 | --- |
2 | 2 | title: Developing using Tenant permissions with App-Only in SharePoint Online |
3 | | -ms.date: 11/03/2017 |
| 3 | +ms.date: 11/01/2019 |
4 | 4 | localization_priority: Priority |
5 | 5 | --- |
6 | 6 | # Developing using Tenant permissions with App-Only in SharePoint Online |
7 | 7 |
|
8 | | -The developer experience has changed for SharePoint **Provider-hosted Add-ins** that require **Tenant permission in combination with app-only**. This article walks you through the new experience for developing and debugging these solutions. |
| 8 | +The developer experience has changed for SharePoint **Provider-hosted Add-ins** that require **Tenant permission in combination with app-only**. This article walks you through the new experience for developing and debugging these solutions. |
9 | 9 |
|
10 | 10 | _**Applies to:** Provider Hosted Add-ins for SharePoint Online_ |
11 | 11 |
|
12 | | - |
13 | 12 | ## Understanding the Problem |
| 13 | + |
14 | 14 | In Visual Studio, you navigate to Debug, start debugging and receive a message that "**Your tenant administrator has to approve this app**" as depicted below. |
15 | | -. |
| 15 | + |
| 16 | + |
16 | 17 |
|
17 | 18 | The reason why you can't click **trust it** is because Visual Studio is working against the dev site collection you've specified in your project settings whereas tenant level permissions with app-only can only be granted via [trusting it against your tenant administration site](https://msdn.microsoft.com/en-us/pnp_articles/how-to-provide-add-in-app-only-tenant-administrative-permissions-in-sharepoint-online). |
18 | 19 |
|
19 | 20 | ## Walkthrough |
| 21 | + |
20 | 22 | ### Step 1: Create a new service principal |
| 23 | + |
21 | 24 | Navigate to a site collection in your tenant and generate a new client Id and Secret. (E.g., https://contoso.sharepoint.com/_layouts/15/appregnew.aspx). In this page click **Generate** for both the **Client Id**, **Client Secret** Fields and supply the remaining fields. While you are developing the add-in ensure you use localhost.com including the port as the App Domain. You should have something similar as below. |
22 | 25 |
|
23 | | - |
| 26 | + |
24 | 27 |
|
25 | 28 | ### Step 2: Grant Tenant Permissions |
26 | | -In order to perform this step, you must be a SharePoint Online Administrator. |
27 | 29 |
|
28 | | -Navigate to the SharePoint Admin Center (E.g., https://contoso-admin.sharepoint.com/_layouts/15/appinv.aspx) and grant the tenant permissions |
29 | | - |
| 30 | +In order to perform this step, you must be a SharePoint Online Administrator. |
| 31 | + |
| 32 | +Navigate to the SharePoint Admin Center (e.g., https://contoso-admin.sharepoint.com/_layouts/15/appinv.aspx) and grant the tenant permissions |
30 | 33 |
|
31 | | - |
| 34 | + |
32 | 35 |
|
| 36 | + |
33 | 37 |
|
34 | 38 | ### Step 3: Update your manifest and web.config |
| 39 | + |
35 | 40 | In the Visual Studio solution; update the manifest and web.config with the client id created in step 1. |
36 | | - |
37 | 41 |
|
| 42 | + |
38 | 43 |
|
39 | 44 | ### Step 4: Package the app and add the .app file to the App catalog |
| 45 | + |
40 | 46 | Right click on the SharePoint Add-in project and click publish. |
41 | 47 |
|
42 | 48 | Supply the **Client ID** and **Client Secret **created in Step 1. |
43 | 49 |
|
44 | | - |
| 50 | + |
45 | 51 |
|
46 | 52 | Since you want to debug the add-in, ensure that you supply https://localhost.com including the port as depicted below. |
47 | | - |
| 53 | + |
| 54 | + |
48 | 55 |
|
49 | 56 | Now deploy the add-in in the app catalog site. |
50 | 57 |
|
51 | 58 | ### Step 5: Install your add-in in your developer site collection |
52 | 59 |
|
53 | 60 | Navigate to the developer site and add the app. Click on **App Details**. |
54 | | - |
| 61 | + |
| 62 | + |
55 | 63 |
|
56 | 64 | If you clicked on the app tile, you will have to click on "**Find out why**" and request your app |
57 | | - |
| 65 | + |
| 66 | + |
58 | 67 |
|
59 | 68 | Once the request has been submitted the status will be in a pending state until the SharePoint Administrator or the app catalog Administrator approves the request. To approve the request, navigate to the app catalog, App Requests and approve the request. |
60 | 69 |
|
61 | | - |
| 70 | + |
62 | 71 |
|
63 | 72 | Once the request has been approved the add-in may now be installed. |
64 | 73 |
|
65 | | - |
| 74 | + |
66 | 75 |
|
67 | 76 | ### Step 6: Debug your Add-in |
| 77 | + |
68 | 78 | In Visual Studio right click your web project and select **Debug** Start new instance. Once started, navigate to your site and launch the add-in. |
69 | 79 |
|
70 | | - |
| 80 | + |
71 | 81 |
|
72 | | -> [!NOTE] |
| 82 | +> [!NOTE] |
| 83 | +> |
73 | 84 | > - If for some reason your app package file changes you'll need to redeploy it to the app catalog and re-install it to your development site collection |
74 | 85 | > - If you're add-in has an appinstalled event receiver you'll need to ensure that you've done step 6 before you do step 5 |
75 | 86 |
|
76 | | - |
77 | 87 | ## See also |
78 | 88 | <a name="bk_addresources"> </a> |
79 | 89 |
|
80 | 90 | - [Add-in app only tenant administrative permissions in SharePoint Online](https://msdn.microsoft.com/en-us/pnp_articles/how-to-provide-add-in-app-only-tenant-administrative-permissions-in-sharepoint-online) |
81 | 91 | - [Add-in permissions in SharePoint 2013](https://msdn.microsoft.com/en-us/library/office/fp142383.aspx) |
82 | 92 | - [Explore the app manifest structure and the package of a SharePoint Add-in](https://msdn.microsoft.com/en-us/library/office/fp179918.aspx) |
83 | | - |
|
0 commit comments