SharePoint

  • 20 Feb

    Cannot get SharePoint Online Authentication (SPOIDCRL) to Work

    Q: SharePoint Online Authentication problem. Hello Team, I am attempting to use a SharePoint directory as a source but am not able to make it past this.

    SharePoint Online Authentication

    I have tried a couple different variations, tried installing the latest Limagito version on a test machine but I get the same error message. Part of the error message says this:

    Access+denied.+Before+opening+files+in+this+location%2c+you+must+first+browse+to

    +the+web+site+and+select+the+option+to+login+automatically.

    I tried logging in via a web browser but do not have that option. Thanks,

    A: Could you please check: SharePoint Online web site does not support SharePoint Online credentials

    I changed one of the settings based on that article (the other one was already set to what he recommended. I am going to let the setting propagate as they can take a few hours sometimes.

    #FileTransfer #Sharepoint

    If you need any info about this ‘SharePoint Online Authentication’ error, please let us know.

    Best regards,

    Limagito Team

  • 23 Oct

    SharePoint OAuth 2.0 authorization code flow

    Version v2023 is needed and available here.

    At this moment our advise is to use: How-to access sharepoint rest api using oauth

    This blog article is based on the following information: Microsoft identity platform and OAuth 2.0 authorization code flow

    First you’ll need to register an AD app with your AD Tenant. It will assign you the necessary information you need for the OAuth2 setup.

    Some links to get you started:

    We added some screenshots of a possible setup in our File Mover:

    • Please set Auth Type in our SharePoint setup to: ‘OAuth 2.0 Authorization Code Flow’

    SharePoint OAuth Authentication

    • OAuth2 Setup:
      • Enable ‘Code Challenge’
      • Enable ‘Include Nonce’
      • Set ‘Authorization Endpoint URL’
        • https://login.microsoftonline.com/%realm/oauth2/v2.0/authorize
        • %realm will be replaced by the Realm value (= Tenant or Tenant_ID). You can also enter the full URL including the Tenant.
      • Set ‘Token Endpoint URL’
        • https://login.microsoftonline.com/%realm/oauth2/v2.0/token
        • %realm will be replaced by the Realm value (= Tenant or Tenant_ID). You can also enter the full URL including the Tenant.
      • Enter your Client ID and Client Secret (please check the article howto create them)
      • Set ‘Scope’ to: openid offline_access https://graph.microsoft.com/
        • We are not 100% sure about the Scope at this moment .. waiting on feedback
      • Set Response Mode to:  form_post
      • Set Response Type to:  code+id_token
      • When using %realm in the ‘Authorization or Token Endpoint URL’
        • Please set ‘Realm’ to your Tenant of Tenant_ID

    After the setup, please click on the <Get> button. If you get a firewall popup, you’ll need to accept this otherwise we will not be able to capture the Tokens.

    Follow the steps in the browser and it should fill the Refresh and Access Token afterwards. Do not forget to click <Save>.

    SharePoint C:\Data\Foto\v2023\SharePoint\OAuth 2.0 authorization code flow\SharePoint authorization code flow

    • Common Setup:

    If you want extra debug information during the test, please enable ‘Add Control Information to Log’

    SharePoint OAuth Authentication

    #Filetransfer #SharePoint

    If you need any help with this ‘how-to-access-sharepoint-rest-api-using-oauth’ option, please let us know.

    Best Regards,

    Limagito Team

     

    By Limagito-Team SharePoint , ,
  • 23 Oct

    How to access SharePoint Rest API using OAuth

    Version v2023 is needed and available here.

    This Authorization method using OAuth2 was tested by a customer of us (Eddy, we really appreciate this). It is based on the following article.

    As mentioned in the article, first you’ll need to register an AD app with your AD Tenant. It will assign you the necessary information you need for the OAuth2 setup

    Feedback customer:

    • This required the following settings in Azure. Maybe only the delegated permissions under Graph are enough, didn’t play too much.

    Sharepoint OAuth2 authorization

    • Also the the redirect url should be set for the app, and ID_token must be enabled.

    Sharepoint OAuth2 authorization

    Limagito File Mover Setup:

    • In this case the Auth Type in our SharePoint setup should be set to: ‘OAuth 2.0 Authorization Code Flow’

    SharePoint OAuth Authentication

    • OAuth2 Setup:
      • Disable ‘Code Challenge’
        • Seems to work also when enabled (tested by customer)
      • Enable ‘Include Nonce’
      • Set ‘Authorization Endpoint URL’
        • https://login.microsoftonline.com/%realm/oauth2/authorize
        • %realm will be replaced by the Realm value (= Tenant or Tenant_ID). You can also enter the full URL including the Tenant.
      • Set ‘Token Endpoint URL’
        • https://login.windows.net/%realm/oauth2/token?api-version=1.0
        • %realm will be replaced by the Realm value (= Tenant or Tenant_ID). You can also enter the full URL including the Tenant.
      • Enter your Client ID and Client Secret (please check the article howto create them)
      • Set ‘Scope’ to:  openid
        • If you don’t receive a Refresh Token, change it to:  openid offline_access
        • Customer used: https://<Tenant>.sharepoint.com/.default
      • Set ‘Resource’ to:  https://graph.microsoft.com/
        • Customer used: https://<Tenant>.sharepoint.com
      • Set Response Mode to:  form_post
      • Set Response Type to:  id_token+code
      • When using %realm in the ‘Authorization or Token Endpoint URL’
        • Please set ‘Realm’ to your Tenant of Tenant_ID

    After the setup, please click on the <Get> button. If you get a firewall popup, you’ll need to accept this otherwise we will not be able to capture the Tokens.

    Follow the steps in the browser and it should fill the Refresh and Access Token afterwards. Do not forget to click <Save>.

    • OAuth2 setup  used by customer (info about the .default Scope: here):

    access SharePoint Rest API using OAuth

    • OAuth2 setup we received from our SharePoint source code provider:

    SharePoint OAuth Authentication

    • Common Setup:

    If you want extra debug information during the test, please enable ‘Add Control Information to Log’

    SharePoint OAuth Authentication

    #Filetransfer #SharePoint

    If you need any help with this ‘how-to-access-sharepoint-rest-api-using-oauth’ option, please let us know.

    Best Regards,

    Limagito Team

1 2
SEARCH