Custom integration between Dynamics 365/CDS and SharePoint using C# and SharePoint REST API ? Learn how to create a SharePoint Add-in and generate authentication token–Part 2

Follow my blog for more interesting topics on Dynamics 365, Portals and Power Platform. For training and consulting, write to us at

If you are directly on this blog, I suggest you go through the first blog of this series.

In our previous blog, we created the SharePoint Add-in. In this blog we shall be providing this APP permissions on sitecollection.

To apply permissions to the generated Add-In either you can visit SharePoint Tenant Administration Site or via AppInv.aspx page

Visit SharePoint Admin center to do this. Go to <admin_site_url>/_layouts/15/appinv.aspx


Use the App Id that you created as per directions in previous blog and click on Lookup button to retrieve the APP Details.


The important thing is the App’s permission.

If you want to provide full control at the tenant level use the following permission XML

<AppPermissionRequests AllowAppOnlyPolicy="true">

<AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />



Once you click Create you will be presented with permission dialog. Click Trust It to grant permissions


Now your Add-In is ready for use. As we granted tenant-level permissions you might be wondering if I need do the same for specific site collection. No worries this can he handled as well. Create Add-In app in your Site Collection using Blog Post 1 and follow the similar approach but modify the permissions XML as below:

<AppPermissionRequests AllowAppOnlyPolicy="true">

<AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl"/>

<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl"/>


In this way we create Add-Ins and grant permissions to Add-In. In Part-3 of my blog I will show you how to generate token from Add-in.

Hope this helps!

Debajit Dutta

(Microsoft MVP)

Leave a Reply