To embed a SharePoint Library in WordPress, you need to update the static API Permissions for your registered application (= App registration) in Microsoft Entra ID / Azure AD.
Perform the following steps to update the API Permissions of the App registration in Microsoft Entra ID / Azure AD.
- Go to WP Admin > WPO365 > Single Sign-on, scroll to the section Azure Active Directory and click the link View in Azure Portal to open the App registration’s Overview page in Azure Portal.
- Continue from the Overview page to API Permissions page.
Permission to add when you want to enable “Delegated Access”
- Click + Add a permission and add the following permissions:
- Microsoft Graph > Delegated permissions > Sites.Read.All
Permission to add when you want to enable “Application Access” for “anonymous” users (premium)
- Click + Add a permission and add the following permissions:
- Microsoft Graph > Application permissions > Sites.Selected
- Click Add permission to save your changes.
The delegated permission Sites.Read.All gives WPO365 permissions to read data in any SharePoint / OneDrive site collection in a security-trimmed fashion. This means that WPO365 can only successfully request data from site collections where the user has been given access. If a user is not allowed to access the site collection, WPO365 will receive a response, indicating that items cannot be retrieved and that access is forbidden.
The application permission Sites.Selected gives WPO365 permissions to read data in any SharePoint site collection that has been configured to allow access to an specific application, as explained in Advanced | Access for “anonymous” users.
- After you updated the API Permissions, you must still grant your consent as an administrator of your tenant, using the corresponding link-button.
In case the link to Grant admin consent … appears greyed out, it means that you do not have sufficient permissions. In that case you must ask a Global Administrator in your organization to grant admin consent instead.