- Log in to your Azure Portal with an admin account.
- Navigate to Azure Active Directory
- Choose App registrations
- Click New registration
- Set supported account types to Accounts in this organizational directory only
- Set the redirect URI to the app service URL of Modern Share Migrator
  Note: Redirect URI: https://[your app service name].azurewebsites.net/signin-oidc
- Save the Application (client) ID somewhere because you will need it for the deployment
- Select the Authentication blade
- Check ID tokens in the Advanced settings section
- Save your changes
- Ensure the redirect URI is valid!
- Select the Certificates & secrets blade
- Add a new client secret with New client secret
- Define a Description and set expiration to Never
- Save the generated secret somewhere because you are not able to look it up again
- Select the API permissions blade
- Click Add a permission to grant required permissions
- Select Microsoft Graph
- Expand Group and check Group.ReadWrite.All
- Expand User and check User.Read.All and confirm with Add permission
- Click Grant admin consent and confirm the displayed dialog with Yes
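
A check for the registration created by the steps above, as an added example that is not part of Modern Share Migrator or its documentation: it audits an application object exported from Microsoft Graph against the settings in this list and lists each client secret with its remaining lifetime. The app service name `contoso-msm`, the secret name `deploy` and the sample JSON are constructed placeholders.

```python
import json
from datetime import datetime, timezone
from urllib.parse import urlsplit

# Constructed sample: the fields of a Microsoft Graph "application" object that
# the steps above configure. "contoso-msm" and "deploy" are placeholder names.
SAMPLE_APP = json.loads("""{
  "signInAudience": "AzureADMyOrg",
  "web": {"redirectUris": ["https://contoso-msm.azurewebsites.net/signin-oidc"],
          "implicitGrantSettings": {"enableIdTokenIssuance": true}},
  "passwordCredentials": [{"displayName": "deploy", "endDateTime": "2299-12-31T00:00:00Z"}]
}""")

def check_redirect_uri(uri, app_service_name):
    """Return the problems found in one redirect URI (empty list = valid)."""
    parts = urlsplit(uri)
    problems = []
    if parts.scheme != "https":
        problems.append("scheme is not https")
    # Exact host match, so look-alike hosts with extra suffixes are rejected.
    if (parts.hostname or "") != f"{app_service_name}.azurewebsites.net".lower():
        problems.append("host is not the app service")
    if parts.path != "/signin-oidc":
        problems.append("path is not /signin-oidc")
    if parts.query or parts.fragment or parts.username:
        problems.append("unexpected query, fragment or userinfo")
    return problems

def audit_registration(app, app_service_name, now=None):
    """Compare an application object with the settings from the steps above."""
    now = now or datetime.now(timezone.utc)
    findings = []
    if app.get("signInAudience") != "AzureADMyOrg":
        findings.append("supported account types: not single-tenant")
    web = app.get("web", {})
    uris = web.get("redirectUris", [])
    if not uris:
        findings.append("no redirect URI registered")
    for uri in uris:
        findings += [f"redirect URI {uri}: {p}"
                     for p in check_redirect_uri(uri, app_service_name)]
    if not web.get("implicitGrantSettings", {}).get("enableIdTokenIssuance"):
        findings.append("ID tokens are not enabled")
    # Informational: list every client secret so it can be tracked for rotation.
    for cred in app.get("passwordCredentials", []):
        end = datetime.fromisoformat(cred["endDateTime"].replace("Z", "+00:00"))
        findings.append(f"info: secret {cred.get('displayName')!r} "
                        f"expires in {(end - now).days} days")
    return findings
```
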
Use this URL to register SharePoint Add-ins: https://[your tenant]-admin.sharepoint.com/_layouts/15/appinv.aspx
Paste the Application (client) ID in the App Id field and click Lookup. Check if Title and Redirect URL are correct. Set the App Domain. Paste the following XML in the App's Permission Request XML:
<AppPermissionRequests AllowAppOnlyPolicy="true">
  <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
</AppPermissionRequests>
When the app registration is done, use this button to deploy Modern Share Migrator to your Azure subscription.