MC897562 – Introducing Guest App Permission Management for SharePoint Admins

SharePoint Logo

check before: 2024-10-01

Product:

SharePoint

Platform:

Online, World tenant

Status:

Change type:

New feature, Admin impact

Links:

Details:

Summary:
SharePoint Admins can soon manage guest app permissions using SharePoint Online Management Shell cmdlets. Updates to Get-SPOApplication and Set-SPOApplicationPermission will facilitate this. Rollout starts early October 2024 for Targeted Release, and mid-October 2024 for General Availability. Admins must download the latest SharePoint PowerShell version to prepare.

Details:
SharePoint Embedded Administrators will be able to grant guest applications permission to SharePoint Embedded applications within their tenant using cmdlets in SharePoint Online Management Shell. A guest application is defined as any application within the enterprise applications of the owning tenant.
Get-SPOApplication includes changes to view guest application permissions
Set-SPOApplicationPermission includes changes to manage guest application permission management
[When this will happen:]
Targeted Release: We will begin rolling out early October 2024 and expect to complete by mid-October 2024.
General Availability (Worldwide): We will begin rolling out in mid-October 2024 and expect to complete by late October 2024.
Current SharePoint admins will need to download the latest version of SharePoint PowerShell to access changes to guest application permission management cmdlet changes

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2024-09-25

updated:
2024-09-25

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

SharePoint administrators will soon be able to manage permissions for guest applications using updated Get-SPOApplication and Set-SPOApplicationPermission commands in the SharePoint Online Management Shell, with the rollout starting in early October 2024 for the Targeted Release program and generally available by mid-October 2024.

Direct effects for Operations**

Guest Application Permission Management
If SharePoint Admins do not prepare by downloading the latest SharePoint PowerShell version, they will be unable to manage guest application permissions effectively, leading to potential unauthorized access to sensitive SharePoint Embedded applications.
   - roles: SharePoint Admins, Tenant Admins
   - references: https://learn.microsoft.com/powershell/module/sharepoint-online/get-spoapplication?view=sharepoint-ps, https://learn.microsoft.com/powershell/module/sharepoint-online/set-spoapplicationpermission

User Access Control
Without proper preparation, the inability to manage guest application permissions may result in users facing access issues or security vulnerabilities, as guest applications may not be properly vetted or controlled.
   - roles: SharePoint Admins, End Users
   - references: https://learn.microsoft.com/powershell/sharepoint/sharepoint-online/introduction-sharepoint-online-management-shell?view=sharepoint-ps

Configutation Options**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only

** AI generated content. This information must be reviewed before use.

a free basic plan is required to see more details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.



Share to MS Teams

Login to your account

Welcome Back, We Missed You!