In SharePoint, when you upload an .sppkg package to the App Catalog, you are presented with these deployment options:
- Make this solution available to all sites in the organisation.
- Skip the app deployment check.
In this guide, we’ll discuss each of these options in detail to help you choose the most appropriate one based on your specific requirements.
Option 1. Make this solution available to all sites in the organisation.
If you select this option, the solution is deployed globally across the entire tenant.
The app becomes available on all site collections automatically, without the need for separate installations on each one.
This option is especially useful for SharePoint Framework (SPFx) extensions like Application Customizers, Field Customizers, or Command Sets, which don't require manual installation per site.
Example. If you've created an extension to apply a custom header or footer using an Application Customizer, enabling this option ensures it appears consistently across all sites.
Use this option when you want centralised control over how and where the app is used.
To use this option, the app must support tenant-wide deployment.
(This is configured during solution packaging.)
Once deployed this way, the app cannot be undeployed from individual sites; you would need to retract the entire solution from the App Catalog to remove it.
Option 2. Skip the app deployment check
If you select this option, SharePoint skips certain validation checks that are normally performed during app deployment. These checks typically ensure the .sppkg file is valid, trusted, and meets specific security and compliance requirements.
This option is useful in development or testing scenarios—for example, when you're testing a custom app on a particular site, and the package comes from a trusted internal source but fails validation due to missing AppSource information or an unverified origin.
By selecting this option, you bypass important security validations, which introduces potential risks.
Unauthorised apps might cause unexpected behaviour or pose security vulnerabilities.
If you're not completely sure about the contents of the app, it is not recommended to use this option in a production environment.