Adding SPO PowerShell cmdlet docs for Graph token config

Author: VesaJuvonen

sharepoint/sharepoint-ps/sharepoint-online/Approve-SPOTenantServicePrincipalPermissionRequest.md

@@ -0,0 +1,60 @@
+---
+external help file:
+applicable: SharePoint Online
+schema: 2.0.0
+---
+# Approve-SPOTenantServicePrincipalPermissionRequest
+
+> [!WARNING]
+> This is a preview feature and should not be used in production.
+
+## SYNOPSIS
+Approves a permission request for the current tenant's "SharePoint Online Client" service principal
+
+## SYNTAX
+
+### Default
+```powershell
+Approve-SPOTenantServicePrincipalPermissionRequest -RequestId <Guid>
+```
+
+## DESCRIPTION
+Approves a permission request for the current tenant's "SharePoint Online Client" service principal
+
+The return value of a successful call is a permission grant object.  See [the "Permission grant object" section of the 
+Get-SPOTenantServicePrincipalPermissionGrants help documentation](Get-SPOTenantServicePrincipalPermissionGrants.md) 
+for more information about a permission grant object.
+
+To get the collection of permission grants for the "SharePoint Online Client" service principal, use the 
+[Get-SPOTenantServicePrincipalPermissionGrants](Get-SPOTenantServicePrincipalPermissionGrants.md) command.
+
+Approving a permission request also removes that request from the list of permission requests.
+
+## EXAMPLES
+
+### ------------------EXAMPLE 1------------------
+```powershell
+$requests = Get-SPOTenantServicePrincipalPermissionRequests
+$requestToApprove = $requests | ? { $_.Resource -eq 'Office 365 SharePoint Online' -and $_.Scope -eq 'MyFiles.Read' } | Select-Object -First 1
+
+if ($requestToApprove -ne $null)
+{
+    Approve-SPOTenantServicePrincipalPermissionRequest -RequestId $requestToApprove.Id
+}
+```
+
+Approves the permission request for the 'Office 365 SharePoint Online' resource with scope claim 'MyFiles.Read'.  
+If there is no request with those properties, then no approve action will be taken.
+
+## PARAMETERS
+
+### -RequestId
+The ID of the permission request to approve
+
+```yaml
+Type: Guid
+
+Required: True
+Position: Named
+Accept pipeline input: False
+```

sharepoint/sharepoint-ps/sharepoint-online/Deny-SPOTenantServicePrincipalPermissionRequest.md

@@ -0,0 +1,53 @@
+---
+external help file:
+applicable: SharePoint Online
+schema: 2.0.0
+---
+# Deny-SPOTenantServicePrincipalPermissionRequest
+
+> [!WARNING]
+> This is a preview feature and should not be used in production.
+
+## SYNOPSIS
+Denies a permission request for the current tenant's "SharePoint Online Client" service principal
+
+## SYNTAX
+
+### Default
+```powershell
+Deny-SPOTenantServicePrincipalPermissionRequest -RequestId <Guid>
+```
+
+## DESCRIPTION
+Denies a permission request for the current tenant's "SharePoint Online Client" service principal
+
+Denying a permission request removes that request from the list of permission requests.
+
+## EXAMPLES
+
+### ------------------EXAMPLE 1------------------
+```powershell
+$requests = Get-SPOTenantServicePrincipalPermissionRequests
+$requestToDeny = $requests | ? { $_.Resource -eq 'Office 365 SharePoint Online' -and $_.Scope -eq 'MyFiles.Read' } | Select-Object -First 1
+
+if ($requestToDeny -ne $null)
+{
+    Deny-SPOTenantServicePrincipalPermissionRequest -RequestId $requestToDeny.Id
+}
+```
+
+Denies the permission request for the 'Office 365 SharePoint Online' resource with scope claim 'MyFiles.Read'.
+If there is no request with those properties, then no deny action will be taken.
+
+## PARAMETERS
+
+### -RequestId
+The ID of the permission request to deny
+
+```yaml
+Type: Guid
+
+Required: True
+Position: Named
+Accept pipeline input: False
+```

sharepoint/sharepoint-ps/sharepoint-online/Disable-SPOTenantServicePrincipal.md

@@ -0,0 +1,33 @@
+---
+external help file:
+applicable: SharePoint Online
+schema: 2.0.0
+---
+# Disable-SPOTenantServicePrincipal
+
+> [!WARNING]
+> This is a preview feature and should not be used in production.
+
+## SYNOPSIS
+Disables the current tenant's "SharePoint Online Client" service principal.
+
+## SYNTAX
+
+```powershell
+Disable-SPOTenantServicePrincipal
+```
+
+## DESCRIPTION
+Disables the current tenant's "SharePoint Online Client" service principal.
+
+When the service principal's account is disabled, clients and components that use this service principal
+will not be able to request an access token for this service principal.
+
+## EXAMPLES
+
+### ------------------EXAMPLE 1------------------
+```powershell
+Disable-SPOTenantServicePrincipal
+```
+
+Disables the current tenant's "SharePoint Online Client" service principal.

sharepoint/sharepoint-ps/sharepoint-online/Enable-SPOTenantServicePrincipal.md

@@ -0,0 +1,30 @@
+---
+external help file:
+applicable: SharePoint Online
+schema: 2.0.0
+---
+# Enable-SPOTenantServicePrincipal
+
+> [!WARNING]
+> This is a preview feature and should not be used in production.
+
+## SYNOPSIS
+Enables the current tenant's "SharePoint Online Client" service principal.
+
+## SYNTAX
+
+```powershell
+Enable-SPOTenantServicePrincipal
+```
+
+## DESCRIPTION
+Enables the current tenant's "SharePoint Online Client" service principal.
+
+## EXAMPLES
+
+### ------------------EXAMPLE 1------------------
+```powershell
+Enable-SPOTenantServicePrincipal
+```
+
+Enables the current tenant's "SharePoint Online Client" service principal.

sharepoint/sharepoint-ps/sharepoint-online/Get-SPOTenantServicePrincipalPermissionGrants.md

@@ -0,0 +1,49 @@
+---
+external help file:
+applicable: SharePoint Online
+schema: 2.0.0
+---
+# Get-SPOTenantServicePrincipalPermissionGrants
+
+> [!WARNING]
+> This is a preview feature and should not be used in production.
+
+## SYNOPSIS
+Gets the collection of permission grants for the "SharePoint Online Client" service principal
+
+## SYNTAX
+
+### Default
+```powershell
+Get-SPOTenantServicePrincipalPermissionGrants
+```
+
+## DESCRIPTION
+Gets the collection of permission grants for the "SharePoint Online Client" service principal
+
+## EXAMPLES
+
+### ------------------EXAMPLE 1------------------
+```powershell
+Get-SPOTenantServicePrincipalPermissionGrants
+```
+
+Gets the collection of permission grants for the "SharePoint Online Client" service principal.
+
+## RETURNS
+
+### Permission grant object
+
+A permission grant contains the following properties:
+
+- ClientId: The objectId of the service principal granted consent to impersonate the user when accessing the resource (represented by the resourceId).
+
+- ConsentType: Whether consent was provided by the administrator on behalf of the organization or whether consent was provided by an individual. The possible values are "AllPrincipals" or "Principal".
+
+- ObjectId: The unique identifier for the permission grant.
+
+- _(Coming soon)_ Resource: The resource to which access has been granted.
+
+- ResourceId: The objectId of the resource service principal to which access has been granted.
+
+- Scope: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token.

sharepoint/sharepoint-ps/sharepoint-online/Get-SPOTenantServicePrincipalPermissionRequests.md

@@ -0,0 +1,43 @@
+---
+external help file:
+applicable: SharePoint Online
+schema: 2.0.0
+---
+# Get-SPOTenantServicePrincipalPermissionRequests
+
+> [!WARNING]
+> This is a preview feature and should not be used in production.
+
+## SYNOPSIS
+Gets the collection of permission requests for the "SharePoint Online Client" service principal
+
+## SYNTAX
+
+### Default
+```powershell
+Get-SPOTenantServicePrincipalPermissionRequests
+```
+
+## DESCRIPTION
+Gets the collection of permission requests for the "SharePoint Online Client" service principal
+
+## EXAMPLES
+
+### ------------------EXAMPLE 1------------------
+```powershell
+Get-SPOTenantServicePrincipalPermissionRequests
+```
+
+Gets the collection of permission requests for the "SharePoint Online Client" service principal.
+
+## RETURNS
+
+### Permission request object
+
+A permission request contains the following properties:
+
+- Id: The identifier of the request.
+
+- Resource: The resource that the application requires access to.
+
+- Scope: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token.

sharepoint/sharepoint-ps/sharepoint-online/Revoke-SPOTenantServicePrincipalPermission.md

@@ -0,0 +1,51 @@
+---
+external help file:
+applicable: SharePoint Online
+schema: 2.0.0
+---
+# Revoke-SPOTenantServicePrincipalPermission
+
+> [!WARNING]
+> This is a preview feature and should not be used in production.
+
+## SYNOPSIS
+Revokes a permission that was previously granted to the "SharePoint Online Client" service principal
+
+## SYNTAX
+
+### Default
+```powershell
+Revoke-SPOTenantServicePrincipalPermission -ObjectId <String>
+```
+
+## DESCRIPTION
+Revokes a permission that was previously granted to the "SharePoint Online Client" service principal.
+
+## EXAMPLES
+
+### ------------------EXAMPLE 1------------------
+```powershell
+$grants = Get-SPOTenantServicePrincipalPermissionGrants
+$grantToRemove = $grants | ? { $_.Resource -eq 'Office 365 SharePoint Online' -and $_.Scope -eq 'MyFiles.Read' } | Select-Object -First 1
+
+if ($grantToRemove -ne $null)
+{
+    Revoke-SPOTenantServicePrincipalPermission -ObjectId $grantToRemove.ObjectId
+}
+```
+
+Revokes the permission associated with the 'Office 365 SharePoint Online' resource and with scope claim 'MyFiles.Read'. 
+If there is no permission with those properties, then no revoke action will be taken.
+
+## PARAMETERS
+
+### -ObjectId
+The Object ID of the permission grant to revoke
+
+```yaml
+Type: string
+
+Required: True
+Position: Named
+Accept pipeline input: False
+```