What are You Looking For?

Create SharePoint Sites with Sites.Create.All in Microsoft Graph

Create SharePoint Sites with Sites.Create.All in Microsoft Graph -

๐˜๐จ๐ฎ ๐œ๐š๐ง ๐ง๐จ๐ฐ ๐œ๐ซ๐ž๐š๐ญ๐ž ๐’๐ก๐š๐ซ๐ž๐๐จ๐ข๐ง๐ญ ๐ฌ๐ข๐ญ๐ž ๐œ๐จ๐ฅ๐ฅ๐ž๐œ๐ญ๐ข๐จ๐ง๐ฌ ๐๐ข๐ซ๐ž๐œ๐ญ๐ฅ๐ฒ ๐ฎ๐ฌ๐ข๐ง๐  ๐Œ๐ข๐œ๐ซ๐จ๐ฌ๐จ๐Ÿ๐ญ ๐†๐ซ๐š๐ฉ๐ก!

No more relying on legacy APIs. But hereโ€™s the best part!

This update introduces a new low-privilege permission:

โœจ ๐’๐ข๐ญ๐ž๐ฌ.๐‚๐ซ๐ž๐š๐ญ๐ž.๐€๐ฅ๐ฅ โœจ

โ†’ Purpose-built for secure provisioning
โ†’ Lets apps create new sites
โ†’ DOES NOT allow reading other sites in the tenant
โ†’ Auto-grants FullControl only on the site it creates

This is a huge shift from the old Sites.FullControl.All requirement โ€” which basically gave apps access to everything.

If youโ€™re currently using Sites.FullControl.All:

โžก๏ธ Replace with Sites.Create.All + Sites.Selected
โžก๏ธ Add app permissions to existing sites via /permissions API
โžก๏ธ Keep everything else mostly unchanged

The fact that it took this long is frustrating. But the fact that they built it RIGHT with true least-privilege architecture is worth celebrating.

Write a Comment

Leave a Comment

Your email address will not be published. Required fields are marked *

Subscribe to Newsletter

Subscribe to our email newsletter to get the latest posts delivered right to your email.
Powered by Amail.