Creating a Custom OAuth App
Custom OAuth Credentials
You can create an OAuth application through your site's UI, or by manually entering your site's create app link into your browser: https://{site}.sharepoint.com/sites/{Project_Web_App_Site}/_layouts/15/appregnew.aspx.
After filling in the required fields, you may click "Create" and the following credentials will be displayed.
Note that while creating the OAuth application, you will be required to specify a Callback URL.
This is the URL you will be redirected to after explicitly granting access. Microsoft Project requires this callback to use 'https://'.
You can work around this restriction by supplying 'https://oauth.cdata.com/oauth/' as callback, and adding an extra state connection property which will contain the actual redirect callback.
Copy the ClientID and ClientSecret which will be needed later.
In order to access the microsoft project api we have to give scope permissions to the created app. In order to do that go to the following url: https://{site}.sharepoint.com/sites/{Project_Web_App_Site}/_layouts/15/AppInv.aspx.
In the App Id field enter the ClientID obtained when creating the app and click on Lookup. The other fields should automatically be filled with the apps details like Title, App Domain and Redirect URL. In the permissions request XML enter the following:
<AppPermissionRequests> <AppPermissionRequest Scope="http://sharepoint/projectserver" Right="Manage"/> <AppPermissionRequest Scope="http://sharepoint/projectserver/projects" Right="Write"/> <AppPermissionRequest Scope="http://sharepoint/projectserver/enterpriseresources" Right="Write"/> <AppPermissionRequest Scope="http://sharepoint/projectserver/reporting" Right="Read"/> </AppPermissionRequests>
These are the default permissions needed to have full access to the api. Also the logged in user should make sure they have the appropriate permissions to access the api. In case your Project Web App (PWA) is in Project permission mode, you can explicitly grant access to the Web Services for specified PWA users. To do this, you can follow the steps below.
- Open the 'PWA Settings' page on your PWA.
- Click on 'Manage Users' under the security section.
- Click on the 'User Name' of the interested user.
- On the 'Edit User' page expand the Global Permissions section.
- Make sure the 'Allow' checkbox of the 'Access Project Server Reporting Service' option under the 'General' section is checked.
In case your PWA is in SharePoint permission mode, you will need to add the interested user in a group with at least the 'Access Project Server Reporting Service' permission enabled, such as: Portfolio Viewers, Portfolio Managers, and Administrators. To do this, you can follow the steps below.
- Open the 'PWA Settings' page on your PWA.
- Click on 'Manage Users' under the security section.
- Click on the 'User Name' of the interested user.
- On the 'Edit User' and under the 'Security Groups' select one of the groups with the required access permissions (such as: Portfolio Viewers, Portfolio Managers, and Administrators), and click on the '>' button to add the current user.
You can now use these credentials to connect to Microsoft Project by setting them as the following connection properties:
- InitiateOAuth = GETANDREFRESH.
- OAuthClientId = Client Id.
- OAuthClientSecret = Client Secret.
- CallbackURL = Your callback URL.
- Url = The URL of your site (https://{site}.sharepoint.com/sites/{Project_Web_App_Site}).
You can now use these credentials to connect to Microsoft Project by setting them as the following connection properties:
- InitiateOAuth = GETANDREFRESH.
- OAuthClientId = Client Id.
- OAuthClientSecret = Client Secret.
- CallbackURL = https://oauth.cdata.com/oauth/.
- State = Your actual callback URL (for example http://localhost:3333).
- Url = The URL of your site (https://{site}.sharepoint.com/sites/{Project_Web_App_Site}).