Skip to content

spo serviceprincipal grant add

Grants the service principal permission to the specified API

Usage

m365 spo serviceprincipal grant add [options]

Alias

m365 spo sp grant add

Options

-r, --resource <resource>
The name of the resource for which permissions should be granted
-s, --scope <scope>
The name of the permission that should be granted
-h, --help [help]
Output usage information. Optionally, specify which section of command's help you want to see. Allowed values are options, examples, remarks, response, full. Default is full.
--query [query]
JMESPath query string. See http://jmespath.org/ for more information and examples
-o, --output [output]
Output type. json,text,csv. Default json
--verbose
Runs command with verbose logging
--debug
Runs command with debug logging

Remarks

Important

To use this command you must be a Global administrator.

Examples

Grant the service principal permission to read email using the Microsoft Graph

m365 spo serviceprincipal grant add --resource 'Microsoft Graph' --scope 'Mail.Read'

Grant the service principal permission to a custom API

m365 spo serviceprincipal grant add --resource 'contoso-api' --scope 'user_impersonation'