There are various ways to access your Sharepoint data remotely, like Client Object Model, PowerShell, REST API's, Graph API's, etc. But what is common in all these models is the credentials, you need to authenticate and authorize the remote App/program by providing a valid combination of User + Password, which can access the SharePoint content.
REST API and OAuth are developer's favorite choice for interacting with external data.
SharePoint uses OAuth to authorize using a token (client id + client secret) instead of regular credentials, giving access to a site, list, library, tenant, other. Further, you can decide what permission the App (or Add-in) has - like read, full control.
SharePoint App-Only works for SharePoint Online and SharePoint on premises versions (2013/2016/2019). Let us look at the steps required to set up an app principal with desired permissions
⚡️ Generate Client Id and Client Secret (AppRegNew.aspx)
- Navigate to your SharePoint site, say https://c2c.sharepoint.com/sites/SPDev.
- Open the App registration, append /_layouts/15/appregnew.aspx to the site address.
- This will open a new page asking for App information.
- Fill the required details -
- ✏️ Client ID = GUID for the SharePoint App. Click Generate.
- ✏️ Client Secret = Password for the App. Click Generate.
- ✏️ Title = Provide a user friendly display name for the App.
- ✏️ App Domain = Remote server host of the App. Use www.localhost.com if you don't have one.
- ✏️ Redirect URL = Remote application end point. Use https://www.localhost.com if you don't have one.
- You will see a message "The app identifier has been successfully created." with all details.
Copy and save the client id and client secret, its required in the next step.
⚡️ Grant permissions to the newly created App (AppInv.aspx)
- To set permissions for the the app, append _layouts/15/appinv.aspx to the site address.
- This will open a new page.
- Paste the Client Id in the App Id field and click Lookup.
- This will fetch and present all details for the Client Id provided.
- Provide the Permission Request XML specifying what access the App has. The XML structure is a below.
Scope can have following values (use as is, do not modify),
<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="[SCOPE]" Right="[PERMISSION]" /> </AppPermissionRequests>
- TENANT = http://sharepoint/content/tenant
- SITE COLLECTION = http://sharepoint/content/sitecollection
- SUB SITE = http://sharepoint/content/sitecollection/web
- LIST/LIBRARY = http://sharepoint/content/sitecollection/web/list
Right can have following values (use as is, do not modify),
- Read = only read access
- Write = add/edit/delete
- FullControl = full permissions
⚡️ Trust the SharePoint App
- You will be taken to next screen with message "Do you trust App?".
- It also shows what access the App will have depending on the permissions provided.
- Click Trust It.
- You App is ready to be used.
- You can see all you trusted Apps from _layouts/15/appprincipals.aspx?Scope=Web.
- SharePoint An unexpected error has occurred - Correlation ID and Merge-SPlogfile
- SharePoint list excel import error - Title is a required filed and can't be empty
- Send Email with attachment using SharePoint PowerShell, SMTP server
- Sharepoint errors were found when compiling the workflow
- How to update SharePoint List Item programmatically
- Merge-SPlogfile PowerShell - SharePoint Correlation ID error
- Get-ADUser PowerShell - Get AD user details using email address
- Restore deleted Office 365 SharePoint group site
- [Solved] SharePoint Access Denied error editing Document Name
- How to migrate SharePoint Designer 2010 workflow to Power Automate FLOW (Microsoft Office 365)
- Calculate Volume of Pyramid - C-Program
- Launch Notepad++ html document in any web browser - NotepadPlusPlus
- Sublime Text spell check shortcut - Sublime
- Download interrupted: Unknown Host dl-ssl.google.com Error Android SDK Manager - Android
- Android Launch! The connection to adb is down, and a severe error has occured - Android
- How to resolve Certificate Expired WhatsApp Error - WhatsApp
- Transfer files between Android and Mac OS X using usb cable - Mac-OS-X
- Make Bootstrap Button look like a link - Bootstrap
- Horizontally Center Align tag in HTML using CSS - CSS
- Android R Cannot Be Resolved To A Variable - Android
- Convert SQL to CSV in Notepad++ - NotepadPlusPlus
- Hide Scrollbar from Android Views - Android
- Error running 'app': No target device found. - Android-Studio
- PHP 301 Redirect Permanently - PHP
- How to enable Do Not Disturb mode for Notification Center in Mac OS X 10.10 Yosemite - Mac-OS-X