Wednesday, 7 June 2017

External Access Sharepoint API Online


Register Add-In
  • Navigate and login to SharePoint online site.
  • Then navigate to the Register Add-In page by entering the url as https://<sitename>.SharePoint.com/_layouts/15/appregnew.aspx
  • Click Generate button next to the Client Id and Client Secret textboxes to generate the respective values.
  • Enter Add-In Title in Title textbox
  • Enter AppDomian as a loclhost
  • Enter RedirectUri as a https://localhost 
  • Click Create button, which registers the add-in and returns the success message with created information.
Grant Permissions to Add-In 
  • Navigate to the SharePoint site
  • Then enter the URL https://<sitename>.sharepoint.com/_layouts/15/appinv.aspx in the browser. This will redirect to Grant permission page.
  • Enter the Client ID(which we have generated earlier), in AppId textbox and click Lookup button. That will populate the value to other textboxes in Title, App Domain and Redirect Url
  • Now enter the below permission request in XML format. 
    • <AppPermissionRequests AllowAppOnlyPolicy="true">     <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Read" /></AppPermissionRequests>
  • Then click Create button. This will redirect to you page, where we have to trust the add-in to read items from website.

 Retrieve the Tenant ID

  •  Launch Postman chrome extension.
  • Select Get Method
  • Enter the below URL in the “Request URL” textbox https://<sitename>/sharepoint.com/_vti_bin/client.svc/
  • Configure the below information in the header section to send along with the url requestMethod = Get
  • Headers: Authorization Bearer


Generate the Access Token

  • After getting the Tenant ID, we have to form a URL with the below format    https://accounts.accesscontrol.windows.net/<TenantID>/tokens/OAuth/2 for requesting the access token.
  • Apply the below configurations in header
    • Method = POST
    • Headers
      • Content-Type : application/x-www-form-urlencoded
    • Body
      • grant_type : client_credentials
      • client_id :ClientID@TenantID
      • client_secret : ClientSecret
      • resource: resource/SiteDomain@TenantID               

  • After applying the configuration, click Send button. That will returns the response with the Access Token.


Access the SharePoint resource
  • In Postman tool, add the below URL to retrieve the web title https://<sitename>.sharepoint.com/sites/demo/_api/web/lists/getbytitle('customlist')/items
  • Apply configurations in header
  • Method = POST
    • Accept : application/json;odata=verbose
    • Authorization : Bearer ayx7fs.....
  • After applying the configuration, click Send button.
  • We will get the response successful as below if the permission xml applied correctly in app in the page. Otherwise, we will get the access denied error message.


No comments:

Post a comment