There are various ways to access your SharePoint data remotely, such as the Client Object Model, PowerShell, REST APIs, and Graph APIs. What all these models have in common is credentials: you need to authenticate and authorize the remote app/program by providing a valid combination of user + password that can access the SharePoint content.
REST API and OAuth are developers' favorite choice for interacting with external data.
SharePoint uses OAuth to authorize using a token (client id + client secret) instead of regular credentials, giving access to a site, list, library, tenant, or another scope. Further, you can decide what permission the App (or Add-in) has, such as read or full control.
SharePoint App-Only works for SharePoint Online and SharePoint on-premises versions (2013/2016/2019). Let us look at the steps required to set up an app principal with the desired permissions.
⚡️ Generate Client Id and Client Secret (AppRegNew.aspx)
- Navigate to your SharePoint site, say https://c2c.sharepoint.com/sites/SPDev.
- Open the App registration page by appending /_layouts/15/appregnew.aspx to the site address.
- This will open a new page asking for App information.
- Fill in the required details:
  - ✏️ Client ID = GUID for the SharePoint App. Click Generate.
  - ✏️ Client Secret = Password for the App. Click Generate.
  - ✏️ Title = Provide a user-friendly display name for the App.
  - ✏️ App Domain = Remote server host of the App. Use www.localhost.com if you don't have one.
  - ✏️ Redirect URL = Remote application endpoint. Use https://www.localhost.com if you don't have one.
- You will see a message "The app identifier has been successfully created." with all details.
Copy and save the client id and client secret; they are required in the next step.
⚡️ Grant permissions to the newly created App (AppInv.aspx)
- To set permissions for the app, append _layouts/15/appinv.aspx to the site address.
- This will open a new page.
- Paste the Client Id in the App Id field and click Lookup.
- This will fetch and present all details for the Client Id provided.
- Provide the Permission Request XML specifying what access the App has. The XML structure is as below.
    <AppPermissionRequests AllowAppOnlyPolicy="true">
      <AppPermissionRequest Scope="[SCOPE]" Right="[PERMISSION]" />
    </AppPermissionRequests>
  Scope can have the following values (use as is, do not modify):
  - TENANT = http://sharepoint/content/tenant
  - SITE COLLECTION = http://sharepoint/content/sitecollection
  - SUB SITE = http://sharepoint/content/sitecollection/web
  - LIST/LIBRARY = http://sharepoint/content/sitecollection/web/list
  Right can have the following values (use as is, do not modify):
  - Read = only read access
  - Write = add/edit/delete
  - FullControl = full permissions
- Click Create.
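As an added example (not part of the original article and not Microsoft tooling), the following Python code reviews a Permission Request XML before it is pasted into AppInv.aspx and flags grants that are broader than needed. The Scope and Right values are the ones listed above; the severity ranking, function names and sample inputs are assumptions made for this example.

```python
import xml.etree.ElementTree as ET

# Scope and Right values exactly as listed on this page, ranked narrow -> broad.
SCOPE_BREADTH = {
    "http://sharepoint/content/sitecollection/web/list": 1,
    "http://sharepoint/content/sitecollection/web": 2,
    "http://sharepoint/content/sitecollection": 3,
    "http://sharepoint/content/tenant": 4,
}
RIGHT_LEVEL = {"Read": 1, "Write": 2, "FullControl": 3}
SEVERITY_ORDER = ["low", "medium", "high", "error"]  # assumed ranking

def audit_permission_xml(xml_text):
    """Return (severity, message) findings for one Permission Request XML."""
    root = ET.fromstring(xml_text)
    if root.tag != "AppPermissionRequests":
        return [("error", f"unexpected root element {root.tag!r}")]
    mode = "app-only" if root.get("AllowAppOnlyPolicy", "").lower() == "true" else "user+app"
    requests = root.findall("AppPermissionRequest")
    if not requests:
        return [("error", "no AppPermissionRequest element")]
    findings = []
    for req in requests:
        scope, right = req.get("Scope"), req.get("Right")
        if scope not in SCOPE_BREADTH or right not in RIGHT_LEVEL:
            findings.append(("error", f"unrecognized Scope/Right: {scope} / {right}"))
            continue
        breadth, level = SCOPE_BREADTH[scope], RIGHT_LEVEL[right]
        if breadth == 4 and level == 3:
            severity = "high"      # whole tenant with full permissions
        elif breadth == 4 or level == 3:
            severity = "medium"    # either tenant-wide or full permissions
        else:
            severity = "low"
        findings.append((severity, f"{right} on {scope} ({mode})"))
    return findings

def worst(findings):  # highest severity present, so a review gate can fail on it
    return max((sev for sev, _ in findings), key=SEVERITY_ORDER.index)

# Constructed sample inputs (not taken from a real tenant).
TENANT_FULL = """<AppPermissionRequests AllowAppOnlyPolicy="true">
  <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
</AppPermissionRequests>"""
LIST_READ = (TENANT_FULL.replace("content/tenant", "content/sitecollection/web/list")
             .replace("FullControl", "Read"))

if __name__ == "__main__":
    print(audit_permission_xml(TENANT_FULL), audit_permission_xml(LIST_READ))
```

An unfilled template (Scope="[SCOPE]") is reported as an error, which catches a placeholder pasted by mistake.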
⚡️ Trust the SharePoint App
- You will be taken to the next screen with the message "Do you trust App?".
- It also shows what access the App will have depending on the permissions provided.
- Click Trust It.
- Your App is ready to be used.
- You can see all your trusted Apps from _layouts/15/appprincipals.aspx?Scope=Web.
⭐ Test the SharePoint REST API using Postman
Now that we have registered the SharePoint App/Add-in, it's time to test it! Our friend "Postman" comes in handy to quickly test the SharePoint connection and REST query before actually using it in the code.
Refer to this article for detailed steps on how to use Postman to generate a bearer token and test the SharePoint REST API: Access SharePoint Online REST API using Postman