Graph API: Sites Selected

to setup granular permissions for the middleware application you will need to create an azure application that already has the permission sites selected with admin consent granted (see the below screenshot to setup granular permissions for the middleware application you will need to create an azure application that already has the permission sites selected with admin consent granted ) once that is completed we will use the graph explorer to give permissions to our azure application for the selected site visit https //developer microsoft com/en us/graph/graph explorer https //developer microsoft com/en us/graph/graph explorer (login as a tenant admin) in the url input for query enter the following https //graph microsoft com/beta/sites/\<hostname> /sites/\<site name> https //graph microsoft com/beta/sites/ybvp4 sharepoint com /sites/middleware (see example below) and click run query subsites are not supported in the response object copy the highlighted value under "id" (this is different for each tenant and site do not copy the sample site id provided in the screenshot) in url input for query enter the following and run the following query https //graph microsoft com/beta/sites/\<insert site id>/permissions https //graph microsoft com/beta/sites/ybvp4 sharepoint com,d7fc546c 1aa1 4207 85fa d324776a235b,85566eaa b416 4c76 8998 67fda9c1ee96/permissions you may recieve a 403 forbidden access response if so click modify response and consent the permissions change the request from a get to post click request body tab and modify the following json object sample below with the applicable azure application id and display name for your organization (you can get the azure app id and display name from the overview page of the azure application) { "roles" \[ "fullcontrol" ], "grantedtoidentities" \[ { "application" { "id" "insert azure application id", "displayname" "insert azure application display name" } } ] } below is a screenshot if the permissions have been setup successful