There are various articles explaining what App Only Policies are and how they work with SharePoint Provider Hosted Apps. Two of the good starting points, I found are this msdn blog and this msdn article. The process of setting is App only permission is really simple. All you need to do is change the AppManifest.xml file. <AppPermissionRequests AllowAppOnlyPolicy=”true”> <AppPermissionRequest Scope=”http://sharepoint/content/tenant” Right=”FullControl” /> </AppPermissionRequests> The problem is if you need tenant level permissions for your app, you can’t register the app principal in any of the site collections, like you would do for any other level of permission requirement like Site Collection admin. Steps […]