Performing OAuth and Rest calls with SharePoint Online (Without creating an add-in)
OAuth is required to make rest calls to SharePoint to manipulate data on behalf of the user who is authenticating.
SharePoint OAuth can be confusing if you try to read and understand it from Microsoft’s documentation especially if you are trying to do without an add-in, I will try to simplify it here.
- You need Client Id and Client Secret
- Perform OAuth
- Making rest calls
Getting client id and secret:
- Register your app on Microsoft Seller Dashboard — http://go.microsoft.com/fwlink/?LinkId=248605
- Don’t be surprised, it’s not free.
- Get your client id and secret by going to ‘client ids’ tab
- Figure out your site url:
Go to your SharePoint Online instance in browser
Copy site url from the following pattern
- Get your site realm:
- Now send your user to following url to get authorisation code in response
User will then see the SharePoint Auth page
On successful authorisation, user will be redirected to the redirect url with code as the url query parameter.
Use this auth_code to fetch access token from SharePoint.
Also principal_audience_id is a constant with value “00000003–0000–0ff1-ce00–000000000000”
You have successfully fetched Access Token
Sample Rest Call:
Fetching folders from SharePoint -
That’s it. Hopefully this was helpful.
One more thing -
Access Token: valid for 12 hrs
Refresh Token: valid for 6 months
For fetching a new access token using refresh token
https://msdn.microsoft.com/en-us/library/office/jj687470.aspx (Different permissions scopes)
https://msdn.microsoft.com/en-us/library/office/jj687469.aspx (Register your Add-In/Client)
https://msdn.microsoft.com/en-us/library/office/dn499819.aspx (Rest api reference)
https://msdn.microsoft.com/en-us/library/office/jj164022.aspx (Rest api reference)