Tuesday, April 23, 2013

SharePoint 2013 Elivating app permissions beyond the user permissions

Scenario: How to alleviate app permissions, say for example you want your app to add an item to a list, but user using the app doesn't have write permissions on the list. So how can you still make an app add a list item, when run by a user with read only permissions on a list?

Solution: Well to achieve this do not use user permissions at all. Just use app-only permissions  to elevate the permissions of the app above the current user running the app.

We can achieve this by adding "AllowAppOnlyPolicy" attribute to "AppPermissionRequests". Using this approach we can create an app that does some job repetitively, similar to timer jobs.

For more detailed information on this topic refer:-
http://blogs.msdn.com/b/kaevans/archive/2013/02/23/sharepoint-2013-app-only-policy-made-easy.aspx