OAuth authorization code grant flow
Setting up OAuth 2.0 application in SharePoint
About OAuth 2.0
OAuth 2.0 lets users access instance resources through external clients by obtaining a token rather than by entering login credentials with each resource request.
You must have the security_admin role to manage the OAuth integration. Configure OAuth 2.0 for the following scenarios:
OAuth authorization code grant flow
Following diagram explains high-level information flow for OAuth 2.0 authentication process
Reference:
Setting up OAuth 2.0 application in SharePoint
Follow the below steps to register an OAuth 2.0 application on SharePoint using your account.
- Login into Azure Account using https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade
- Click on “New registration” and enter following details:
- Name : User Friendly Name of OAuth 2.0 App, like “KleraSharePointApp”
- Click on Submit button.
- On the new page, copy and save followings:
- Application ID
- Go to “Certificates & Secretes” & click on “New client secret”. Enter description and choose validity period. Copy the string generated by the system under column “Value”. This is our Client Secret ID.
- Go to “Authentication” and add redirect URL under the “Redirect URIs” section.
- Choose Type -> Web
- Redirect URI -> Redirect URL of Klera machine.
Sample redirect URI would be https://<HostName.DomainName>:48444/AccountMa nagementWebService/callback.html
- Go to API Permissions and click on “Add a permission”. Under SharePoint -> Delegated permissions choose followings:
- AllSites -> AllSites.Read
- MyFiles -> MyFiles.Read
- Sites -> Sites.Search.All
- User -> User.Read.All
- Go to “Expose an API” and click on Add a scope. Now add following scopes with their user friendly description:
- offline_access
- Read.All
- Read.All
- Read
- Read.All
Important:
- This URL should be accessible from the client machine. Machine from where user is login into Klera.
- Need to add port 48444 in Firewall/Security systems whitelist.
For any further information email us at info@klera.io