Authentication :: User Credentials [OAuth]
Description
OAuth App must be created in Microsoft Azure AD. These settings typically found here https://docs.microsoft.com/en-us/graph/auth-register-app-v2.
[Read more..]
Instructions
Firstly, login into Azure Portal and there create an OAuth application:
- Go to Azure Portal and login there.
- Then go to Azure Active Directory.
- On the left side click menu item App registrations
- Then proceed with clicking New registration.
- Enter a name for your application.
- Select one of Accounts in this organizational directory only as supported account type to access data in your company.
- In Redirect URI section leave option selected at Web.
- In nearby textbox enter https://login.microsoftonline.com/common/oauth2/nativeclient as Redirect URI or any other valid redirect URL, e.g. https://zappysys.com/oauth
- Use this Redirect URI in Redirect URL grid row.
- Copy Application (client) ID and paste it into API Connection Manager configuration grid in Client ID row.
- Then click on Endpoints link and copy first URL to Authorization URL and second one to Token URL in configuration grid. Usually they look similar to these:
- https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/authorize
- https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/token
- https://login.microsoftonline.com/common/oauth2/v2.0/authorize
- https://login.microsoftonline.com/common/oauth2/v2.0/token
- Close "Endpoints" and create a Client Secret by clicking Certificates & secrets.
- Proceed by clicking New client secret and setting expiration period. Copy the client secret and paste it into configuration grid in Client Secret row.
- Use these scopes in Scopes field: offline_access Files.Read Files.Read.All Files.ReadWrite Files.ReadWrite.All openid profile User.Read email
- Click Generate Token to generate tokens.
- That's it!
Parameters
| Parameter |
Label |
Required |
Options |
Description |
Help |
| AuthUrl |
Authorization URL |
YES |
| Option |
Value |
| https://login.microsoftonline.com/common/oauth2/v2.0/authorize |
https://login.microsoftonline.com/common/oauth2/v2.0/authorize |
| https://login.microsoftonline.com/{ENTER-TENANT-ID-HERE}/oauth2/v2.0/authorize |
https://login.microsoftonline.com/{ENTER-TENANT-ID-HERE}/oauth2/v2.0/authorize |
|
|
|
| TokenUrl |
Token URL |
YES |
| Option |
Value |
| https://login.microsoftonline.com/common/oauth2/v2.0/token |
https://login.microsoftonline.com/common/oauth2/v2.0/token |
| https://login.microsoftonline.com/{ENTER-TENANT-ID-HERE}/oauth2/v2.0/token |
https://login.microsoftonline.com/{ENTER-TENANT-ID-HERE}/oauth2/v2.0/token |
|
|
|
| ClientId |
Client ID |
YES |
|
|
|
| ClientSecret |
Client Secret |
NO |
|
|
|
| RefreshTokenFilePath |
Refresh Token File Path |
NO |
|
If you cant fit long refresh token in ConnectionString from your program then use this. Supply three properies in json format (i.e. save this in file { "access_token": "YOUR_ACCESS_TOKEN", "refresh_token": "YOUR_REFRESH_TOKEN", "expires_in": 3600 } )
|
|
| Scope |
Scope |
YES |
| Option |
Value |
| offline_access |
offline_access |
| Files.Read |
Files.Read |
| Files.Read.All |
Files.Read.All |
| Files.ReadWrite |
Files.ReadWrite |
| Files.ReadWrite.All |
Files.ReadWrite.All |
| openid |
openid |
| profile |
profile |
| Sites.Read.All |
Sites.Read.All |
| Sites.ReadWrite.All |
Sites.ReadWrite.All |
| User.Read |
User.Read |
|
Permissions you want to use.
|
|
| ReturnUrl |
ReturnUrl |
NO |
|
|
|
| RetryMode |
RetryMode |
NO |
| Option |
Value |
| None |
None |
| RetryAny |
RetryAny |
| RetryWhenStatusCodeMatch |
RetryWhenStatusCodeMatch |
|
|
|
| RetryStatusCodeList |
RetryStatusCodeList |
NO |
|
|
|
| RetryCountMax |
RetryCountMax |
NO |
|
|
|
| RetryMultiplyWaitTime |
RetryMultiplyWaitTime |
NO |
|
|
|
| ExtraAttributesForAuthRequest |
Login Prompt Option |
NO |
| Option |
Value |
| None |
|
| Force login prompt |
prompt=login |
| Force permission select |
prompt=consent |
|
Choose this if you want to force login prompt or permission prompt.
|
Read more |
