Authentication methods for SharePoint REST API

sharepoint.stackexchange https://sharepoint.stackexchange.com/questions/273655

Question

Let's say I work in company AAA and want to automatically upload documents to BBB's company SharePoint Online application https://BBB.sharepoint.com using REST API.

My email username@AAA.com is invited to https://BBB.sharepoint.com and I can Sign-in via SSO.

Which authentification methods I can use for generating access token?

Is there a way apart registering SharePoint Add-In as it may be a difficult thing to do (I don't have access to BBB SharePoint configurations)?

Thanks!

Was it helpful?

Solution

In order to achieve this access - we need to generate a client_id and client_secret from "https://BBB.sharepoint.com" site and uses that code in "AAA" site while sending the data "BBB" site.

There is a long steps how to the generate the client_id and client_secret code.

Step 1: Register Add-In

Go to the this page of your BBB site https://.SharePoint.com/_layouts/15/appregnew.aspx

Here you will get: client id and client secret

Save this information in notepad.

Step 2: Grant Permissions to Add-In

Go to this page of your BBB site:

https://.sharepoint.com/_layouts/15/appinv.aspx

Enter the "Client ID" in the App ID field and click on Lookup button

Now enter the below permission request in XML format:

<AppPermissionRequests AllowAppOnlyPolicy="true">
    <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Read" />
</AppPermissionRequests>

Step 3: Retrieve the Tenant ID

In POST man tool do a GET request for this URL(BBB site):

https:///sharepoint.com/_vti_bin/client.svc/

From the Header section you will get the realm value which is nothing but your client ID.

So finally while you are sending the client id and client secret to the AAA site(your source site from where you are uploading the document), it should be in the below format:

client_id   ClientID@TenantID
client_secret   ClientSecret

Example:

client_id: 4b4276d0-74cd-4476-b66f-e7e326e2cb93@10267809-adcb-42b6-b103-c7c8190b3fed
client_secret: nuC+ygmhpadH93TqJdte++C37SUchZVK4a5xT9XtVBU=

Now when the other system here it is application "AAA site" performing the POST call to the "SharePoint site here it is https://BBB.sharepoint.com", they need to use these two client_id and client_secret key.

Detailed explanation is here:

https://www.ktskumar.com/2017/01/access-sharepoint-online-using-postman/

Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange
scroll top