[BUG] Add-PnPTermToTerm with Sites.Selected permissions not working #3041
Description
Reporting an Issue or Missing Feature
Granted access to an Azure App via Grant-/Set-PnPAzureADAppSitePermissions with FullControl (Sites.Selected permissions)
It does not seem to be possible to create terms in a SiteCollection termset via Add-PnPTermToTerm.
Permission for TermStore.ReadWrite.All is not allowed, since global termstore manipulations must not allowed for the App.
Expected behavior
Term can be created.
Actual behavior
Add-PnPTermToTerm: The current user has insufficient permissions to perform this operation.
New-PnPList is working, Get-PnPTerm is working.
Steps to reproduce behavior
- Create an Azure App, granted Selected.Sites
- create / upload certificate
- Grant-PnPAzureADAppSitePermissions (only read and write is possible)
- Get-PnPAzureADAppSitePermission
- Set-PnPAzureADAppSitePermission -PermissionId $permissionsId -Permissions FullControl
- Connect-PnPOnline -Url URL -ClientId APPID -Thumbprint CERTTHUMBPRINT -Tenant TENANTID
What is the version of the Cmdlet module you are running?
PnP.PowerShell 2.1.1
Which operating system/environment are you running PnP PowerShell on?
- Windows
- Linux
- MacOS
- Azure Cloud Shell
- Azure Functions
- Other : please specify