Skip to main content
All CollectionsIntegration Connection Guides
Setting up Sharepoint OAuth App
Setting up Sharepoint OAuth App
B
Written by Ben Keeling
Updated over 2 months ago

Setting up OAuth for Sharepoint

Step 1: Sign in to Azure Portal

  1. Sign in to the Azure portal.

  2. If it asks if you want a tour select "Maybe Later"
    โ€‹

Step 2: Register a New Application

  1. In the left-hand navigation pane, click on "Microsoft Entra ID." If you cannot see the navigation panel click on the three lines in the top left of the page next to the Microsoft Azure logo.

  2. Click on "App registrations."

  3. Click on "New Application"

  4. Enter a name for your application, such as "Medialake - Sharepoint.

  5. Select the supported account type. Please select the "Accounts in this organisational directory only".

  6. Enter your Redirect URI. This is the URL where users will be redirected after they authenticate with Microsoft and should look something like this, where your domain is followed by the subdirectory: https://YOUR_DOMAIN/sharepoint-redirect

  7. Make sure the platform is selected as "web".

  8. Click on the "Register" button.
    โ€‹

Step 3: Configure Permissions

  1. Click on "API permissions" on the left hand side navigation panel. This brings you to the API Permissions page. The Microsoft Graph permissions should already be added, with the "User.Read" Delegated permission already filled out.

  2. Click on "Add a permission."

  3. Select the API you want to access. In this case we will be adding the Sharepoint API. If the Microsoft Graph permission mentioned above is not added, please repeat the process for that API permission.

  4. Select the Delegated permissions option.

Either type the following permissions in you wish to add, or search for them in the dropdown lists on the page. Please enable by ticking:

AllSites.Read
AllFiles.Read
Sites.Search.All
User.Read.All

The following permission should not be required, but if you are having issues syncing certain folders, try adding this permission as well.

AllSites.FullControl

Made sure you click "Add permissions" at the bottom of the page. You should be taken back to a list of all configured permissions that now looks like the image below.


Step 4: Create a Client Secret

  1. Click on "Certificates & secrets" in the navigation bar on the left hand side of the page. If you can't see the navigation bar, you can click the small arrow in the top left of the page

  2. Click on "New client secret."

  3. Enter a description for the secret, such as "Medialake.ai ", select its expiration, and then click "Add." We suggest putting a date as far in the future as possible to avoid repeating this process regularly when the permission expires.

  4. Copy the value of the secret ID. You will need it to enter on the settings page in the medialake.ai website. This secret will not be shown again, so if you do not copy it correctly, you will have to create a new one.


Step 5: Obtain the Application (client) ID and Directory (tenant) ID

  1. Click on "Overview."

  2. Copy the "Application (client) ID" and "Directory (tenant) ID." You will also need to these values along with the client secret to configure OAuth in the Medialake settings.


Important Considerations

  • Make sure to follow security best practices, especially when handling client secrets.

  • The permissions and configuration might vary based on the specific service or API you're accessing.

Did this answer your question?