SharePoint

Supported Version: Cloud

About OAuth 2.0

OAuth 2.0 lets users access instance resources through external clients by obtaining a token rather than by entering login credentials with each resource request.

You must have the security_admin role to manage the OAuth integration. Configure OAuth 2.0 for the following scenarios:

API Rate Limit: Variable for different APIs.

OAuth authorization code grant flow

The following diagram shows the high-level information flow of the OAuth 2.0 authentication process.

Reference:

OAuth Authorization Flow

Setting up OAuth 2.0 application in SharePoint

Follow the steps below to register an OAuth 2.0 application on SharePoint using your account.

  1. Log in to your Azure account using the Applications List blade.

  2. Click “New registration” and enter the following details:

    1. Name: a user-friendly name for the OAuth 2.0 app, such as “KleraSharePointApp”.
    2. Click the Submit button.
  3. On the new page, copy and save the following:

    1. Application ID
  4. Go to “Certificates & secrets” and click “New client secret”. Enter a description and choose a validity period. Copy the string that the system generates under the “Value” column. This is our Client Secret ID.

  5. Go to “Authentication” and add the redirect URL under the “Redirect URIs” section.

    1. Choose Type -> Web
    2. Redirect URI -> Redirect URL of the Gathr Analytics machine.

A sample redirect URI would be https://<HostName.DomainName>:48444/AccountManagementWebService/callback.html

  6. Go to “API permissions” and click “Add a permission”. Under SharePoint -> Delegated permissions, choose the following:

    1. AllSites -> AllSites.Read
    2. MyFiles -> MyFiles.Read
    3. Sites -> Sites.Search.All
    4. User -> User.Read.All
  7. Go to “Expose an API” and click “Add a scope”. Add the following scopes with their user-friendly descriptions:

    1. offline_access
    2. Read.All
    3. Read.All
    4. Read
    5. Read.All

Important:

  1. The redirect URL should be accessible from the client machine, that is, the machine from which the user logs in to Gathr Analytics.
  2. Add port 48444 to the whitelist of your firewall/security systems.
  3. Make sure your SharePoint instance is accessible from the Gathr Analytics machine.

Steps to configure the connector's connection:

  1. Right-click Connectors » Connections » Configure.
  2. Instance URL: https://graph.microsoft.com
  3. Application Key: the Client ID generated for the Azure app.
  4. Application Secret: the Client Secret ID generated for the Azure app.
  5. Authorization URL: https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize
  6. Access Token URL: https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token
  7. Domain for Callback Authentication: enter the host name with domain name of the Gathr Analytics machine. Example: HostName-123.Kleramachine.com
  8. Scope: AllSites.Read MyFiles.Read Sites.Search.All User.Read.All
  9. Create a new account and give it a user-friendly account name, such as: Sharepoint Account.
  10. Click ‘Save’.
  11. On clicking ‘Save’, a pop-up appears in which the SharePoint user must log in with the credentials it asks for.

Important: Make sure the pop-up is not blocked by the Chrome browser.
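
The connector fields above correspond to the two requests of the authorization code grant: the pop-up opens the Authorization URL, and the returned code is then exchanged at the Access Token URL. The following is an added example, not code from Gathr Analytics or Microsoft; the function names are hypothetical, and the `state` and redirect URI checks are an assumption about how a client should validate the callback, not something this page describes.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

AUTHORITY = "https://login.microsoftonline.com"
SCOPE = "AllSites.Read MyFiles.Read Sites.Search.All User.Read.All"  # Scope field


def authorization_request(tenant_id, client_id, redirect_uri):
    """Step 1: URL the login pop-up opens (Authorization URL), plus its state."""
    state = secrets.token_urlsafe(32)  # unguessable, ties the callback to this attempt
    query = urlencode({
        "client_id": client_id,        # Application Key
        "response_type": "code",
        "redirect_uri": redirect_uri,  # must match the registered Redirect URI
        "scope": SCOPE,
        "state": state,
    })
    return f"{AUTHORITY}/{tenant_id}/oauth2/v2.0/authorize?{query}", state


def code_from_callback(callback_url, redirect_uri, expected_state):
    """Validate the redirect to callback.html and return the authorization code."""
    got, want = urlsplit(callback_url), urlsplit(redirect_uri)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback did not arrive on the registered redirect URI")
    params = parse_qs(got.query)
    if "error" in params:
        raise ValueError("authorization failed: " + params["error"][0])
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: not a response to this login attempt")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]


def token_request(tenant_id, client_id, client_secret, redirect_uri, code):
    """Step 2: server-side POST target (Access Token URL) and its form body."""
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
        "client_id": client_id,
        "client_secret": client_secret,  # Application Secret, never sent to the browser
    })
    return f"{AUTHORITY}/{tenant_id}/oauth2/v2.0/token", body
```

The redirect URI passed to both requests must be the same string registered under “Authentication”, otherwise the token endpoint rejects the exchange.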
