January 28, 2021

How to register an App only Principal in SharePoint Online?


We implemented the Delivery Schedule application in .Net Core for a Seattle, Washington-based construction firm. The information on Delivery Sites was available in SharePoint Online, we had to query this information using REST API from SharePoint Online and display the same in the .Net Core application.

Now, to call REST API from the .Net Core application, we need to use Client ID & Client Secret (app-only authentication) as per best practices. To generate Client ID and Client Secret, we need to register the SharePoint App. In this article, we will check the registration steps for the SharePoint App. So, now let’s get started!
  1. Access following URL to open App Registration Page.
    https://<<Site Collection URL>>/_layouts/15/appregnew.aspx 
  2. This will open following screen. 
  3. Click on “Generate” for Client ID and Client Secret. 
  4. Enter the Title, App Domain and Redirect URL.
    1. Title = BRiteApp (a meaningful name)
    2. App Domain = www.localhost.com
    3. Redirect URL = https://localhost.com 
  5. Click on Create.
  6. This will give you a summary of the App you created. Copy this information for future reference.
  7. Now, access the following URL.
    https://<<Site Collection URL>>/_layouts/15/appinv.aspx 
  8. This will open the following screen.
  9. Enter the same Client ID in the App ID field that we registered in Step 3 and click on Lookup. This will auto-populate other information.
  10. Now, in “Permission Request XML" we need to provide the XML with the desired permission level information. Below is the example XML that grants Site Collection level Full Control permission to the app. For more details on the permission request options, please visit this article from Microsoft.
     <AppPermissionRequests AllowAppOnlyPolicy="true">  
     <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" />  

  11. Click on Create.
  12. Click on the “Trust it” button.


This is how we register our App in SharePoint Online. The registered app (Client ID & Client Secret) can be used to call the SharePoint REST APIs from the other applications.

If you have any questions you can reach out our SharePoint Consulting team here.

No comments:

Post a Comment