There are various ways to access your Sharepoint data remotely, like Client Object Model, PowerShell, REST API's, Graph API's, etc. But what is common in all these models is the credentials, you need to authenticate and authorize the remote App/program by providing a valid combination of User + Password, which can access the SharePoint content.
REST API and OAuth are developer's favorite choice for interacting with external data.
SharePoint uses OAuth to authorize using a token (client id + client secret) instead of regular credentials, giving access to a site, list, library, tenant, other. Further, you can decide what permission the App (or Add-in) has - like read, full control.
SharePoint App-Only works for SharePoint Online and SharePoint on premises versions (2013/2016/2019). Let us look at the steps required to set up an app principal with desired permissions.
⚡️ Generate Client Id and Client Secret (AppRegNew.aspx)
- Navigate to your SharePoint site, say https://c2c.sharepoint.com/sites/SPDev.
- Open the App registration, append /_layouts/15/appregnew.aspx to the site address.
- This will open a new page asking for App information.
- Fill the required details -
- ✏️ Client ID = GUID for the SharePoint App. Click Generate.
- ✏️ Client Secret = Password for the App. Click Generate.
- ✏️ Title = Provide a user friendly display name for the App.
- ✏️ App Domain = Remote server host of the App. Use www.localhost.com if you don't have one.
- ✏️ Redirect URL = Remote application end point. Use https://www.localhost.com if you don't have one.
- You will see a message "The app identifier has been successfully created." with all details.
Copy and save the client id and client secret, its required in the next step.
⚡️ Grant permissions to the newly created App (AppInv.aspx)
- To set permissions for the the app, append _layouts/15/appinv.aspx to the site address.
- This will open a new page.
- Paste the Client Id in the App Id field and click Lookup.
- This will fetch and present all details for the Client Id provided.
- Provide the Permission Request XML specifying what access the App has. The XML structure is a below.
Scope can have following values (use as is, do not modify),
<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="[SCOPE]" Right="[PERMISSION]" /> </AppPermissionRequests>
- TENANT = http://sharepoint/content/tenant
- SITE COLLECTION = http://sharepoint/content/sitecollection
- SUB SITE = http://sharepoint/content/sitecollection/web
- LIST/LIBRARY = http://sharepoint/content/sitecollection/web/list
Right can have following values (use as is, do not modify),
- Read = only read access
- Write = add/edit/delete
- FullControl = full permissions
⚡️ Trust the SharePoint App
- You will be taken to next screen with message "Do you trust App?".
- It also shows what access the App will have depending on the permissions provided.
- Click Trust It.
- You App is ready to be used.
- You can see all you trusted Apps from _layouts/15/appprincipals.aspx?Scope=Web.
⭐ Test the SharePoint REST API using PostmanNow that we have registered SharePoint App/Add-in, its time to test it!
Our friend "Postman" comes handy to quickly test the SharePoint connection and REST query before actually using it in the code.
Refer this article for detailed steps on how to use Postman to generate bearer token and test SharePoint REST API Access SharePoint Online REST API using Postman
Have Questions? Post them here!
- PowerShell - How to use Try Catch Finally blocks for error exception handling (Windows/SharePoint)
- SharePoint List excel import - This table exceeds the maximum number of supported rows
- Update SharePoint Online List Item using REST API, HTML, Spfx, Postman
- Fix SharePoint Error - The Managed Metadata Service or Connection is currently not available. The Application Pool or Managed Metadata Web Service may not have been started
- SharePoint list excel import error - Title is a required filed and can't be empty
- Move Copy Migrate SharePoint OneDrive files folders to different site collection location
- Create SharePoint list from Excel spreadsheet and import table
- Send Email using SharePoint PowerShell command, SMTP server
- [Fix] Restricted View permission level missing in SharePoint Online site library
- How to get SharePoint List Item URL using PowerShell
- The service instance
- How to get the SharePoint Tenant Login URL
- New-SPLogFile PowerShell - create new SharePoint log file
- Not receiving email notification alert in SharePoint Online workflow - Power Automate, FLOW
- SharePoint Server 2016 Preview installation error - This Product Key isn't a valid Microsoft Office 2016 Product Key. Check that you've entered it correctly.
- How to change order of fields on new item form for SharePoint Online list
- Update Created By (Author) column of SharePoint document using PowerShell
- How to delete SharePoint Online List Item using REST API
- 'Edit Document' Requires a Windows Sharepoint Services-compatible application and Microsoft Internet Explorer 6.0 or higher
- Create SharePoint Site Collection using PowerShell New-SPSite
- How to customize SharePoint Modern list form using JSON formatting
- How to get SharePoint Online user details from person or group column using REST API
- SharePoint excel error - A problem occurred while connecting to the server. If the problem continues, contact your administrator.
- How to create SharePoint List Item programmatically using C#.net
- How to Get or Set SharePoint Document ID _dlc_DocId using PowerShell
- Facebook Thanks for stopping by! We hope to see you again soon. - Facebook
- JSON column formatting to preview SharePoint Online file on mouse hover - SharePoint
- Android Studio Button onClickListener Example - Android-Studio
- JDK Location in Android Studio - Android-Studio
- Iterate over an Array using Java 8 Stream and foreach - Java
- Java SE JDBC: Insert with PreparedStatement Example - Java
- How to Open and Use Microsoft Edge Console - Microsoft
- Mac (macos) startup keyboard boot sequence combinations - MacOS