Create App Registration
The function app will use the SharePoint PnP PowerShell library to make configuration changes to SharePoint sites. We will need to create an application registration in Microsoft Entra and create certificate for the Function App. This application will need to be able to make changes to all sites in the tenant, which is the Sites.FullControl.All graph api permission.
A certificate will need to be generated and provided for this step. This is usually provided by the client, but for dev/test purposes, you can refer to Create Self Signing Certificate for details on creating a self-signing certificate.
Access Microsoft Entra and click on App Registration from the Applications menu navigation. Click on New registration to create an application registration.
Set the name and click on Register to create the app registration.
Note the application (client) id and tenant information from the app registration, and click on Certificates & secrets from the sub-menu.
Select API permissions from the sub-menu, and click on + Add a permission.
Click on Graph API.
Search for Sites and select the Sites.FullControl.All permission.
Repeat steps 6-8 and add the following permissions:
- Graph API -> Directory.Read.All
- SharePoint -> Sites.FullControl.All
The permission will not be applied, until you grant the permission. Click on Grant admin consent for Microsoft and confirm the selection.
