Skip to content

spo serviceprincipal grant add

Grants the service principal permission to the specified API

Usage

m365 spo serviceprincipal grant add [options]

Alias

m365 spo sp grant add

Options

-r, --resource <resource>
The name of the resource for which permissions should be granted
-s, --scope <scope>
The name of the permission that should be granted
-h, --help
output usage information
--query [query]
JMESPath query string. See http://jmespath.org/ for more information and examples
-o, --output [output]
Output type. json,text. Default text
--verbose
Runs command with verbose logging
--debug
Runs command with debug logging

Important

To use this command you have to have permissions to access the tenant admin site.

Examples

Grant the service principal permission to read email using the Microsoft Graph

m365 spo serviceprincipal grant add --resource 'Microsoft Graph' --scope 'Mail.Read'

Grant the service principal permission to a custom API

m365 spo serviceprincipal grant add --resource 'contoso-api' --scope 'user_impersonation'