The enterprise implementing the solution needs to setup two applications:

1. An application that has admin permissions over sharepoint: this application is only used by the IT team of the enterprise to manage the permissions of the rest of the applications, StackAI won’t have access to this application.
2. A separate application with microsoft graph sites.selected permission, this is the app that stack will have access to. We need the admin application to be able to set up the permissions of this app.

Setting up the admin app:

1. Go to App Registrations on Microsoft Azure (link)
2. Create a new app registration
   1. Add a name to the app
   2. Select “Accounts in this organizational directory only (your org name only - Single tenant)
   3. Hit Register

1. Set up the app API permissions:
   1. Under Manage go to API permissions

b. Click on “Add a permission”

c. Click on Microsoft Graph

d. Click on “Application permissions”

d) Add the Sites.FullControl.All permission