Wednesday 7 June 2017

External Access Sharepoint API Online


Register Add-In
  • Navigate and login to SharePoint online site.
  • Then navigate to the Register Add-In page by entering the url as https://<sitename>.SharePoint.com/_layouts/15/appregnew.aspx
  • Click Generate button next to the Client Id and Client Secret textboxes to generate the respective values.
  • Enter Add-In Title in Title textbox
  • Enter AppDomian as a loclhost
  • Enter RedirectUri as a https://localhost 
  • Click Create button, which registers the add-in and returns the success message with created information.
Grant Permissions to Add-In 
  • Navigate to the SharePoint site
  • Then enter the URL https://<sitename>.sharepoint.com/_layouts/15/appinv.aspx in the browser. This will redirect to Grant permission page.
  • Enter the Client ID(which we have generated earlier), in AppId textbox and click Lookup button. That will populate the value to other textboxes in Title, App Domain and Redirect Url
  • Now enter the below permission request in XML format. 
    • <AppPermissionRequests AllowAppOnlyPolicy="true">     <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Read" /></AppPermissionRequests>
  • Then click Create button. This will redirect to you page, where we have to trust the add-in to read items from website.

 Retrieve the Tenant ID

  •  Launch Postman chrome extension.
  • Select Get Method
  • Enter the below URL in the “Request URL” textbox https://<sitename>/sharepoint.com/_vti_bin/client.svc/
  • Configure the below information in the header section to send along with the url requestMethod = Get
  • Headers: Authorization Bearer


Generate the Access Token

  • After getting the Tenant ID, we have to form a URL with the below format    https://accounts.accesscontrol.windows.net/<TenantID>/tokens/OAuth/2 for requesting the access token.
  • Apply the below configurations in header
    • Method = POST
    • Headers
      • Content-Type : application/x-www-form-urlencoded
    • Body
      • grant_type : client_credentials
      • client_id :ClientID@TenantID
      • client_secret : ClientSecret
      • resource: resource/SiteDomain@TenantID               

  • After applying the configuration, click Send button. That will returns the response with the Access Token.


Access the SharePoint resource
  • In Postman tool, add the below URL to retrieve the web title https://<sitename>.sharepoint.com/sites/demo/_api/web/lists/getbytitle('customlist')/items
  • Apply configurations in header
  • Method = POST
    • Accept : application/json;odata=verbose
    • Authorization : Bearer ayx7fs.....
  • After applying the configuration, click Send button.
  • We will get the response successful as below if the permission xml applied correctly in app in the page. Otherwise, we will get the access denied error message.


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)