SharePoint Online OAuth

Question

SharePoint Online OAuth

Michael Tippett 1

I am building a Software as a Service application, and I want my users to be able to authorise the webpage to upload files directly to their sharepoint document library.

I imagine the flow working like this:

User Logs into my Webpage
User clicks authorise SharePoint.
User set to SharePoint and logs in, SharePoint asks to confirm permissions.
Token returned and saved by webpage
Webpage then uploads files directly to document library
The problem I am having at the moment, is all the documentation I am seeing, only allows this flow if the user has registered an app in their SharePoint site using /_layouts/15/AppRegNew.aspx.

I will have many users, all with different sharepoint tenants, is there a authorization flow I can use for this situation?

I'm aware I could do this using flow and a custom trigger, but I'm trying to make it as simple for the end user as possible

1 answer

Your answer

Answer 1

CaseyYang-MSFT 10,461

Hi @Michael Tippett ,

This article is an overview about Authorization Code flow steps: Authorization Code OAuth flow for SharePoint Add-ins.

Following are the steps in the Authorization Code flow.
1.Client opens an application and then directs it to a SharePoint site for data.

2.The add-in redirects to the SharePoint site authorization URL.

3.SharePoint displays the consent page so the user can grant the add-in permissions.

4.SharePoint requests a short-lived authorization code from ACS.

5.The SharePoint Online site redirects to the app's registered redirect URI, passing the authorization code to the add-in.

6.The add-in uses the authorization code to request an access token from ACS, which validates the request, invalidates the authorization code, and then sends access and refresh tokens to the add-in.

7.The add-in can now use the access token to request data from the SharePoint site, which it can display to the user.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Michael Tippett 1 Reputation point

2022-01-03T10:58:21.563+00:00

The thign that is confusing me, is it says you need to have:

<configuration>
<appSettings>
<add key="ClientId" value="c78d058c-7f82-44ca-a077-fba855e14d38 "/>
<add key="ClientSecret" value="SbALAKghPXTjbBiLQZP+GnbmN+vrgeCMMvptbgk7T6w= "/>
</appSettings>
</configuration>

The ClientID and Client Secret, in your app, but dont you get the clientID/secret when you register you app in a SharePoint site? (using AppRegNew.aspx)
therefore does this flow work if you want to connect to many different tenants without needgin to manually configure on the sharepoint side?
CaseyYang-MSFT 10,461 Reputation points

2022-01-05T09:53:49.213+00:00

Hi @Michael Tippett ,

Here is a similar issue for reference: Using Authorization Code flow for a multi tenant app not working
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.

Share via

SharePoint Online OAuth

1 answer

Your answer