Azure ACS App based authentication fails for Tenant Level Operation

[wizneeraj]

Target SharePoint environment

SharePoint Online

What SharePoint development model, framework, SDK or API is this about?

SharePoint CSOM

Developer environment

Windows

What browser(s) / client(s) have you tested

• [ ] 💥 Internet Explorer
• [ ] 💥 Microsoft Edge
• [ ] 💥 Google Chrome
• [ ] 💥 FireFox
• [ ] 💥 Safari
• [ ] mobile (iOS/iPadOS)
• [ ] mobile (Android)
• [ ] not applicable
• [X] other (enter in the "Additional environment details" area below)

Additional environment details

C# based code

Describe the bug / error

We are currently using CSOM based model to setup properties of a Site. The context is built using GetACSAppOnlyContext(clientid, clientsecret).

var adminURL = "https://tenant-admin.sharepoint.com/"; var context = TokenHelperTenant.GetContext(adminURL);

var tenant = new Tenant(context); var siteProperties = tenant.GetSitePropertiesByUrl("https://tenant.sharepoint.com/sites/portal", true); context.Load(siteProperties, s =] s.SharingCapability); context.ExecuteQuery(); //line where the error occurs - "Attempted to perform an unauthorized operation"

The Client App being used has Tenant level Full control permission which was created using appregnew.aspx page and I have ensured DisableCustomAppAuthentication setting is not enabled at the tenant level.

We have started facing the issue starting today. Kindly assist. The issue happens when Get-PnPTenantSite cmdlet is also used.

Steps to reproduce

1. Register an app with tenant level full control permission using the appregnew.aspx & appinv.aspx page
2. Use the generated client id & secret to access the site properties using Get-PnPTenantSite

Expected behavior

Should be able to access the properties of the Site from the Tenant