Graph API authentication for the backend app

David Wong 46 Reputation points
2022-11-01T19:33:04.27+00:00

I want to use Graph API to upload files to a specific SharePoint document library. It is a backend application (no user login).

I tested with Graph Explorer with my personal account (OIDC login interactively), and now I want to turn it into a Java application.

At first, I want to create a service account and let it calls the Graph API to do the same. However, from all my studies, I must register an application and grant permission to it instead. I cannot find a way to call MS Graph with a user identity (or user principal).

Should I focus on the registered application and forget about the service account? What auth2 flow should I use, and should I set the scope? Does delegated permission help?

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,094 questions
SharePoint Development
SharePoint Development
SharePoint: A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.Development: The process of researching, productizing, and refining new or existing technologies.
2,767 questions
{count} votes

Accepted answer
  1. Zehui Yao_MSFT 5,846 Reputation points
    2022-11-02T07:48:22.21+00:00

    Hi @David Wong , for back-end applications without user login, client credentials flow is generally used.

    Before authorization, you need an administrator account to register a new app at Azure app registration portal, add permissions to it, and click Grant.

    256259-image.png

    And this authentication method requires application permission: Files.ReadWrite.All or Sites.ReadWrite.All as described in the documentation:

    Hope this helps, best wishes.

    256287-image.png


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

0 additional answers

Sort by: Most helpful