Introduction Thanks to Kinga Kazala for her timely article Deploy SPFx app using pipeline’s Workload Identity federation, which showcases how to use Workload Identity Federation to alleviate the need for using Entra app secrets or certificates. This method simplifies the setup process, especially when there’s reliance on a single person who might be unavailable. We initially set up the SPFx pipeline for the Test environment using certificates with CLI for M365.

Introduction With the release of SPFx 1.20.0 in September 2024, I decided to upgrade an existing SPFx solution to the latest version following a post by Microsoft 365 & Power Platform Community on Linkedin This process can be challenging, especially when dealing with dependency version conflicts. In this blog post, I’ll walk you through the steps to upgrade your SPFx solution to version 1.20.0, including installing Node.js 18.18.0, using the CLI for Microsoft 365 to generate upgrade instructions, and addressing common issues.

Introduction The SharePoint Framework (SPFx) 1.20.0 has been generally available since September 2024. However, if you work with SPFx, you might encounter issues when trying to use the latest version. SPFx still requires Node.js 18.x.x. In this blog post, I’ll walk you through the steps I took to install Node.js 18.20.4 using NVM, install the SPFx toolchain, and troubleshoot an issue where the project scaffolding defaulted to an older version of SPFx.

Ensuring the security and compliance of your SharePoint environment is crucial, especially when dealing with service principals, Entra ID apps, or federated identities. These entities often have elevated permissions that, if mismanaged, can lead to unauthorized access and potential data breaches. Regularly auditing these permissions is a best practice for maintaining a secure and compliant SharePoint environment. Application only or granular access to individual site instead of whole tenant, scope called “Sites.

The script checks the ‘SharePoint Online Web Client Extensibility’ Principal within Entra ID for the actual assigned permissions as the SPFx solutions requests are all be added to that single shared permission group. As hilghlighted by “Wes Hackett”: I’ve personally seen plenty of tenants with Mailbox permissions with no corresponding solutions live in the app catalogs. Early SPFx doc examples encouraged the use of MS Graph into Mailbox permissions in one of the how to learn samples, older tenants sometimes have this breadcrumb left behind.

Have you ever needed to gather detailed information about SPFx solutions installed in your SharePoint environment, such as API permissions, for auditing, inventory, or compliance purposes? The PowerShell script below helps you retrieve these details from both the tenant-level and site collection app catalogs for auditing with the aim to improve security posture by removing unneeded apps and access rights. To execute this script, you must have Global Administrator or SharePoint Administrator roles.

Find SharePoint Framework (SPFx) Packages with PowerShell in Tenant and Site Collection App Catalogs This post covers a PowerShell script to generate an inventory of SPFx installations within your SharePoint Online environment which will help you maintain oversight of your SPFx solutions, ensuring they are up-to-date and compliant. The script was particularly useful in pinpointing sites within the tenant where third-party applications, specifically an analytics SPFx component, were deployed. This was crucial for ensuring that data collection was confined to designated sites, such as the intranet in my case study.

Managing Service Principal Permission Requests using PowerShell Permission to the “SharePoint Online Client” service principal can be granted either in declarative method within SPFx solutions or directly. This post explores how to handle both declarative and direct permission grants using SPO PowerShell , ClI for M365 and PnP PowerShell. PnP PowerShell Get all service principal permission grants Gets the collection of permission grants for the “SharePoint Online Client” service principal using the cmdlet Get-PnPTenantServicePrincipalPermissionGrants

Troubleshooting NVM Setup Issues for SPFx Development I have not used my dev machine for SPFx development for over a year. Before diving into any new SPFx development, I followed the typical procedure of installing the latest Node.js version 18.19.0 supported by the current SPFx version (1.18.2) using nvm (node version management).nvm allows to maintain different development environment. nvm install 18.19.0 Following this, I proceeded to install the SPFx toolchain:

Retracting SPFx Solutions from Hub Site and associated sites using PnP PowerShell SharePoint Framework (SPFx) solutions are a powerful tool for extending and customizing SharePoint sites. However, managing these solutions across multiple sites in a SharePoint tenant can be a daunting task. Fortunately, PnP PowerShell provides automation capabilities that can streamline these operations and ensure consistency across the tenant. The blog post Deploying SharePoint Framework (SPFx) Packages from Tenant App Catalog to Hub Site and Associated Sites covers how to deploy SPFx solutions across a hub site and associated sites.

Deploying SharePoint Framework (SPFx) Packages from Tenant App Catalog to Hub Site and Associated Sites There is the blog post how Deploying and Installing SharePoint Framework (SPFx) solutions using PnP PowerShell to Hub Site and Associated Sites using site collection app catalog. This post covers how to perform same objective but using the tenant level app catalog if the SPFx packages have not been added to all sites globally during deployment in the tenant level app catalog and instead need targeted deployment or upgrades on specific sites.