How do I get access token for SharePoint Online REST API

Terry Chan 51 Reputation points
2021-10-28T08:56:32.453+00:00

How can I get the accessToken of a specific account for authorization?

GET https://{site_url}/_api/web/lists/GetByTitle('List Title')
Authorization: "Bearer " + accessToken
Accept: "application/json;odata=verbose"

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,621 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. MichaelHan-MSFT 18,016 Reputation points
    2021-10-29T02:55:52.8+00:00

    Hi @Terry Chan ,

    You could get the access Token of a specific account as the below:

    1. Get a delegated auth token from graph as you normally would (https://learn.microsoft.com/en-us/graph/auth-v2-user)
    2. Use the refresh_token you got and exchange it for an SPO access token by calling the auth endpoint again: POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token

    With the following form data: 

    client_id=<APP ID>  
client_secret=<APP SECRET>  
refresh_token=<REFRESH TOKEN FROM ABOVE>  
grant_type=refresh_token  
scope=https://<tenant>.sharepoint.com/Sites.FullControl.All

    144775-image.png

    3.Take the access token and call the SPO API

    Make sure that you app is granted enough permissions.

    Reference: https://stackoverflow.com/questions/63321532/sharepoint-rest-api-how-to-get-access-token

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    4 people found this answer helpful.
  2. Mark Woollen 5 Reputation points
    2024-01-18T13:56:13.8033333+00:00

    I found this github.com collection of postman calls to be helpful and easy to use.

    https://github.com/stuartmccoll/microsoft-sharepoint-rest-api-postman-collections

    Some additional steps:

    • Login to https://entra.microsoft.com with your 365 user account to setup "App Registration" (note you may need admin privilege to enable user setting: "Users can register applications")
    • Go to App Registrations / Owned Applications (you might need to create a new one... or if you have one that you want to use edit that one.
    • Permissions... Grant permissions for Microsoft Graph (Sites.ReadWrite.All, User.Read, etc)
    • Application (Client) ID... copy and save that.
    • Directory (Tenant) ID... copy and save that.
    • Client Secret Value (under Certificates and Secrets)... create a new one and copy/save the Secret Value (not the Secret ID).
    • Use these values in the Postman Environment variables (as the github instructions state)
      Microsoft Graph API in Postman
    • Using the Microsoft Graph Collection, select the "Delegated" folder and then "Authorization" tab. the environment variables should already be configured. Scroll to bottom and click "Get New Access Token".
    • Now you are set to use the Collection's API calls.

    Thank you Stuart McColl whoever you are!

    1 person found this answer helpful.
    0 comments