Contents
Can a web part use isolated permissions in azure?
If the extension you have added communicated with APIs secured with Azure AD, it wouldn’t be able to retrieve the access token in an isolated way and would fail on runtime. Despite the web part using isolated permissions, there’s nothing specific to how you obtain an access token to an API secured with Azure AD in your code.
Web Parts in Microsoft SharePoint Foundation provide a powerful way for users to interact with other systems. SharePoint Foundation has built-in security settings to restrict the access that a Web Part has to underlying systems. A developer can create custom security policy files to give a Web Part greater access to the underlying system
How can I increase access to my Web part?
If your Web Part needs greater access than what is provided in the minimal settings, there are a number of ways to increase the permissions of your Web Part, but only one is recommended. You can create a custom CAS policy for your Web Part, or increase the overall trust level of the server farm in the web.config file.
Will the components in the solution require permissions to access?
Will the components in the solution require permissions to access web APIs that are unique and not shared with other components in the tenant?: If you answer Yes, the generator will add a flag to your project’s configuration in the config/package-solution.json file, by setting the isDomainIsolated property to true.
After approving an isolated API permission request, SharePoint will create a separate Azure AD application in the Azure AD linked to the Microsoft 365 tenant. This Azure AD application is specific to the SharePoint Framework solution that requested API permissions and will have set OAuth permissions as requested by that solution.
User permissions. For example, site permissions apply to a particular site, list permissions apply only to lists and libraries, and personal permissions apply only to certain objects, such as personal views and private Web Parts. The following tables describe what each permission is used for, the dependent permissions,…