# Netskope Help

###### Grant Failure on Newly Created App Instance

If you are setting up the Microsoft Office 365 OneDrive or SharePoint instance for the first time on a new Microsoft Office 365 account, the grant may fail. Microsoft has recently disabled apps using an Azure Access Control (ACS) app-only access token by default. If so, follow the steps below to grant access successfully.

### Note

Fill in the value for the $adminUPN variable (replacing all the text between the quotes, including the < and > characters). 3.$orgName="<name of your Office 365 organization, example: sumoskope>"

Fill in the value for the $orgName variable (replacing all the text between the quotes, including the < and > characters). 4.$userCredential = Get-Credential -UserName $adminUPN -Message "<type the password>" ### Note When prompted with the Windows PowerShell credential request dialog box, type the password for the global administrator account. 5. To check the value of DisableCustomAppAuthentication, run the following commands: 1. Connect-SPOService -Url https://$orgName-admin.sharepoint.com

2. get-SPOTenant

Look for the DisableCustomAppAuthentication parameter. It should be set to True.

### Note

If you do not see the DisableCustomAppAuthentication parameter, execute the Install-Module -Name Microsoft.Online.Sharepoint.PowerShell -Force command and follow the steps from 2b.

6. Run the following command to set the DisableCustomAppAuthentication value to false:

1. set-SPOTenant -DisableCustomAppAuthentication \$false

7. Verify that the parameter is set to false. To do so, run the following command:

• get-SPOTenant

Look for the DisableCustomAppAuthentication parameter. It should be set to False.

Once you have set the value of DisableCustomAppAuthentication to false, go back to the Netskope UI and grant access.