diff --git a/sharepoint/sharepoint-ps/Microsoft.Online.SharePoint.PowerShell/Set-SPOApplicationPermission.md b/sharepoint/sharepoint-ps/Microsoft.Online.SharePoint.PowerShell/Set-SPOApplicationPermission.md index 4acf9939a..333da8924 100644 --- a/sharepoint/sharepoint-ps/Microsoft.Online.SharePoint.PowerShell/Set-SPOApplicationPermission.md +++ b/sharepoint/sharepoint-ps/Microsoft.Online.SharePoint.PowerShell/Set-SPOApplicationPermission.md @@ -27,7 +27,9 @@ Set-SPOApplicationPermission [-OwningApplicationId] [-GuestApplicationId] The `Set-SPOApplicationPermission` cmdlet manages permissions for a guest application's access to a SharePoint Embedded application. This includes adding, updating, and deleting guest application permissions. A guest application is defined as any application within the enterprise applications of the owning tenant. -You must be a SharePoint Administrator to run this cmdlet. For permissions and the most current information about Windows PowerShell for SharePoint Online, see the online documentation at [Intro to SharePoint Online Management Shell](/powershell/sharepoint/sharepoint-online/introduction-sharepoint-online-management-shell). +You must be a SharePoint Embedded Administrator to run this cmdlet. + +For permissions and the most current information about Windows PowerShell for SharePoint Online, see the online documentation at [Intro to SharePoint Online Management Shell](/powershell/sharepoint/sharepoint-online/introduction-sharepoint-online-management-shell). > [!NOTE] > Only app-only permissions are supported for guest applications accessing SharePoint Embedded applications. Delegated permissions are not supported and are default set to `None`. @@ -37,7 +39,7 @@ You must be a SharePoint Administrator to run this cmdlet. For permissions and t ### Example 1 ```powershell -Set-SPOApplicationPermission -OwningApplicationId a187e399-0c36-4b98-8f04-1edc167a0996 -ApplicationId 12345678-1234-1234-abcd-abcdefghijkl -PermissionAppOnly Read, Write +Set-SPOApplicationPermission -OwningApplicationId a187e399-0c36-4b98-8f04-1edc167a0996 -GuestApplicationId 12345678-1234-1234-abcd-abcdefghijkl -PermissionAppOnly Read, Write ``` Example 1 gives the guest application with ID `12345678-1234-1234-abcd-abcdefghijkl` app-only Read, Write permissions to access the owning application Microsoft Loop of ID `a187e399-0c36-4b98-8f04-1edc167a0996`. @@ -45,14 +47,14 @@ Example 1 gives the guest application with ID `12345678-1234-1234-abcd-abcdefghi ### Example 2 ```powershell -Set-SPOApplicationPermission -OwningApplicationId 5e2795e3-ce8c-4cfb-b302-35fe5cd01597 -ApplicationId 12345678-1234-1234-abcd-abcdefghijkl -PermissionAppOnly ReadContent, WriteContent -PermissionDelegated None +Set-SPOApplicationPermission -OwningApplicationId 5e2795e3-ce8c-4cfb-b302-35fe5cd01597 -GuestApplicationId 12345678-1234-1234-abcd-abcdefghijkl -PermissionAppOnly ReadContent, WriteContent -PermissionDelegated None ``` Example 2 gives the guest application with ID `12345678-1234-1234-abcd-abcdefghijkl` app-only ReadContent, WriteContent permissions to access the owning application Microsoft Designer of ID `a187e399-0c36-4b98-8f04-1edc167a0996`. ### Example 3 ```powershell -Set-SPOApplicationPermission -OwningApplicationId 5e2795e3-ce8c-4cfb-b302-35fe5cd01597 -ApplicationId 12345678-1234-1234-abcd-abcdefghijkl -PermissionAppOnly None -PermissionDelegated None +Set-SPOApplicationPermission -OwningApplicationId 5e2795e3-ce8c-4cfb-b302-35fe5cd01597 -GuestApplicationId 12345678-1234-1234-abcd-abcdefghijkl -PermissionAppOnly None -PermissionDelegated None ``` Example 3 sets guest application permissions to None for the guest application with ID `12345678-1234-1234-abcd-abcdefghijkl`. This has deleted previous permissions for that guest application to access owning application of `a187e399-0c36-4b98-8f04-1edc167a0996`.