Registering an add-in for SharePoint is easy enough. You go to the _layouts/appregnew.aspx page for the site and register the add-in.
Permissions are set when the add-in is installed on the site too. This happens after you’ve clicked Trust It when adding the add-in to a site.
To revoke the permissions for an add-in in a site is also straight forward. To do this, you go to the _layouts/appprincipals.aspx page and click the delete icon next to the add-in you want to revoke permissions for. Or for a specific web, add ?Scope=Web to the URL.
There’s no admin page for unregistering and add-in for a site though. To do this, we can run some PowerShell. This does require a hybrid installation where you still have access to the SharePoint farm itself and can run SharePoint PowerShell cmdlets.
The following script shows how to:
- Revoke permissions for an add-in for a site
- Unregister the add-in for a site
asnp Microsoft.SharePoint.PowerShell # Replace with the add-in's client id $clientId = "33b85512-e4b1-529c-e012-410e676bef09" $site = Get-SPSite "url to the SP site" $realm = Get-SPAuthenticationRealm -ServiceContext $site $appId = $clientId + "@" + $realm # Get the add-in principal for the site $principal = Get-SPAppPrincipal -NameIdentifier $appId -Site $site.RootWeb # Remove the permissions that were granted for this add-in in the site Remove-SPAppPrincipalPermission -AppPrincipal $principal -Site $site.RootWeb -Scope Site # Set the Scope parameter to SiteCollection to apply this to the site collection instead of just the web # Now to unregister the add-in $appManager = [Microsoft.SharePoint.SPAppPrincipalManager]::GetManager($site.RootWeb) $appManager.DeleteAppPrincipal($principal)
To unregister we need to call the static method GetManager from the SPAppPrincipalManager class. There’s currently no PowerShell cmdlet that allows you to do this.
You then need to call the DeleteAppPrincipal method and pass it the principal object we retrieved for the add-in.
Useful if you want to completely remove an add-in from a site/site collection.