Authentication :: Application Credentials [OAuth]
Contents
Description
OAuth App must be created in Microsoft Azure AD. These settings typically found here https://docs.microsoft.com/en-us/graph/auth-v2-service
Instructions
Firstly, login into Azure Portal and there create an OAuth application:
Step-1: Create OAuth App
- Go to Azure Portal and login there.
- Then go to Azure Active Directory.
- On the left side click menu item App registrations
- Then proceed with clicking New registration.
- Enter a name for your application.
- Select one of Accounts in this organizational directory only as supported account type to access data in your company.
- In Redirect URI section leave option selected at Web.
- Copy Application (client) ID and paste it into API Connection Manager configuration grid in Client ID row.
- Then click on Endpoints link and copy second, Token, URL to Token URL field in configuration grid. Usually they look similar to these:
https://login.microsoftonline.com/daed1250-xxxx-xxxx-xxxx-ef0a982d3d1e/oauth2/v2.0/token https://login.microsoftonline.com/common/oauth2/v2.0/token
- Close "Endpoints" and create a Client Secret by clicking Certificates & secrets.
- Proceed by clicking New client secret and setting expiration period. Copy the client secret and paste it into configuration grid in Client Secret row.
- Go to API Permissions section and add Microsoft Graph permissions for SharePoint and Drive, e.g. Sites.Selected, Sites.Read.All, Sites.ReadWrite.All, Files.Read.All, Files.ReadWrite.All.
- Finally, Grant admin consent for your domain for your permissions.
Step-2: Register OAuth App in SharePoint Admin Portal
- After we create OAuth App we need to add grant SharePoint access to that App using Admin Portal. Make sure you have admin permission to acces Portal. For detailed steps you may refer to this link. Here are basic steps you can follow.
- Log in to SharePoint Admin Portal and access below URL
(Replace YOURCOMPANY)
https://YOURCOMPANY-admin.sharepoint.com/_layouts/15/appprincipals.aspx?Scope=Web
- Enter App Id and other information
- Enter XML snippet which describes which permission you want to grant. Here is an example permission (App with FullControl / Read / Write)
<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" /> </AppPermissionRequests>
- Click Add to grant the permission. That's it!
https://YOURCOMPANY-admin.sharepoint.com/_layouts/15/appprincipals.aspx?Scope=Web
Parameters
Parameter | Label | Required | Options | Description | Help | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
TokenUrl | Token URL | YES |
|
|
|||||||||
ClientId | Client ID | YES |
|
||||||||||
ClientSecret | Client Secret | YES |
|
||||||||||
Scope | Scope | NO |
|
||||||||||
SiteId | SiteId | YES |
|
||||||||||
RetryMode | RetryMode | NO |
|
|
|||||||||
RetryStatusCodeList | RetryStatusCodeList | NO |
|
||||||||||
RetryCountMax | RetryCountMax | NO |
|
||||||||||
RetryMultiplyWaitTime | RetryMultiplyWaitTime | NO |
|