Authentication :: User Credentials [OAuth]
Contents
OAuth App must be created in Microsoft Azure AD. These settings typically found here https://docs.microsoft.com/en-us/graph/auth-register-app-v2.
Firstly, login into Azure Portal and there create an OAuth application:
- Go to Azure Portal and login there.
- Then go to Azure Active Directory.
- On the left side click menu item App registrations
- Then proceed with clicking New registration.
- Enter a name for your application.
- Select one of Accounts in this organizational directory only as supported account type to access data in your company.
- In Redirect URI section leave option selected at Web.
- In nearby textbox enter https://login.microsoftonline.com/common/oauth2/nativeclient as Redirect URI or any other valid redirect URL, e.g. https://zappysys.com/oauth
- Use this Redirect URI in Redirect URL grid row.
- Copy Application (client) ID and paste it into API Connection Manager configuration grid in Client ID row.
- Then click on Endpoints link and copy first URL to Authorization URL and second one to Token URL in configuration grid. Usually they look similar to these:
- https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/authorize
- https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/token
- https://login.microsoftonline.com/common/oauth2/v2.0/authorize
- https://login.microsoftonline.com/common/oauth2/v2.0/token
- Close "Endpoints" and create a Client Secret by clicking Certificates & secrets.
- Proceed by clicking New client secret and setting expiration period. Copy the client secret and paste it into configuration grid in Client Secret row.
- Use these scopes in Scopes field: offline_access Files.Read Files.Read.All Files.ReadWrite Files.ReadWrite.All openid profile User.Read email
- Click Generate Token to generate tokens.
- That's it!