How To Register/ Unregister SharePoint Add-Ins Using PowerShell

Suppose you would like to have the remote components of a provider-hosted SharePoint Add-in to interact with SharePoint, what should you do? You should first register with the Azure ACS cloud-based service and the SharePoint App Management Service of the tenancy or farm. Let us now dive straight into how to register/unregister SharePoint add-ins.

To register an app into office 365 tenancy we use the layouts/appregnew.aspx page which is a standard old way of doing it. But, I thought there should be some smarter way to do it. After much research, I got a scenario to automate this process using a deployment package. I was searching for a while on the internet and got a few ideas like updating expiring Client Secret etc. More on that here

I have used MSOLService from AzureAD powershell package to register the SharePoint Add-in Office365 tenancy. Here is how to register an Add-in.

Download and install the AzureAD powershell package using the below PS commands.

To Save Module run the below script.
  1. Save-Module -Name MSOnline -Path <path>  
To Install the module run the below command.
  1. Install-Module -Name MSOnline  
Run the below PS Script after mentioning the Client ID, app name, app domain and the app redirect URL.

Provide your Global administrator username and password while connecting to MSOLService.
  1. $clientID = "7c6cbd92-073b-4bc9-9d4a-fc27749f340b";  
  2. $bytes = New - Object Byte[] 32  
  3. $rand = [System.Security.Cryptography.RandomNumberGenerator]::Create()  
  4. $rand.GetBytes($bytes)  
  5. $rand.Dispose()  
  6. $newClientSecret = [System.Convert]::ToBase64String($bytes)  
  7. $appDomain = "";  
  8. $appUrl = "";  
  9. $appName = "Your App Name"  
  10. $servicePrincipalName = @("$clientID/$appDomain")  
  11. $dtStart = [System.DateTime]::Now  
  12. $dtEnd = $dtStart.AddYears(3)  
  13. Connect - MsolService  
  14. New - MsolServicePrincipal - ServicePrincipalNames $servicePrincipalName - AppPrincipalId $clientID - DisplayName $appName - Type Symmetric - Usage Verify - Value $newClientSecret - Addresses(New - MsolServicePrincipalAddresses - Address $appUrl) - StartDate $dtStart– EndDate $dtEnd  
  15. New - MsolServicePrincipalCredential - AppPrincipalId $clientId - Type Symmetric - Usage Sign - Value $newClientSecret - StartDate $dtStart– EndDate $dtEnd  
  16. New - MsolServicePrincipalCredential - AppPrincipalId $clientId - Type Password - Usage Verify - Value $newClientSecret - StartDate $dtStart– EndDate $dtEnd  
After registering the app, you need to move the SharePoint .app package to the app catalog and then you can install the SharePoint-Addin right away by skipping appregnew process. It is not necessary to generate the $newclientsecret, you can just copy and paste your application's client secret while registering the add-in. 

If you have provided the wrong data while registering, then you have to unregister or remove the entire add-in configuration from the Azure AD and you need to register it once again.

To unregister the add-in you can use the below script. Make sure that you are providing the global admin credentials that we already gave while registering.

  1. $clientID="7c6cbd92-073b-4bc9-9d4a-fc27749f340b";  
  2. Connect-MsolService  
  3. $appPrincipal = Get-MsolServicePrincipal -ServicePrincipalName $clientID  
  4. Remove-MsolServicePrincipal -ObjectId $appPrincipal.ObjectId