Authenticating with an Azure Service Principal requires creating a custom OAuth app and a service principal that can access the necessary resources.
Follow the steps below to create a custom OAuth app and obtain the connection properties for the Azure Service Principal authentication.
Steps to Create a Custom OAuth App
Follow the steps below to obtain the OAuth values for your app.
- Log in to https://portal.azure.com.
- In the left-hand navigation pane, select Azure Active Directory, then App Registrations, and click the New registration button.
- Enter an app name and select the radio button for "Any Azure AD Directory - Multi Tenant". Then set the redirect URL to something such as http://localhost:33333, the product's default.
- Copy the Application (client) ID value displayed in the Overview section after creating the app, since this value is used as the OAuthClientId.
- Define the app authentication type in the Certificates & Secrets section: select Upload certificate and choose the certificate to upload from your local machine.
- In the Authentication tab, make sure to check the option: Access tokens (used for implicit flows).
- In the API Permissions section, click Add a permission and select SharePoint. Select Application Permissions and choose the permissions you want your app to have. For complete access rights, make sure the Sites.FullControl.All option is checked.
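One way to check a finished registration against the steps above, as an added example that is not part of the product or its documentation. It assumes the registration has been exported as JSON in the Microsoft Graph `application` format; `audit_registration`, `SAMPLE` and the sample values are hypothetical names and constructed data.

```python
import json
from datetime import datetime, timezone

SHAREPOINT_APP_ID = "00000003-0000-0ff1-ce00-000000000000"  # Office 365 SharePoint Online

def audit_registration(app, redirect_uri="http://localhost:33333", now=None):
    """Compare an exported app registration with the steps above; return a list of findings."""
    now = now or datetime.now(timezone.utc)
    web = app.get("web") or {}
    findings = []
    if app.get("signInAudience") != "AzureADMultipleOrgs":
        findings.append("signInAudience is not multi-tenant")
    if redirect_uri not in (web.get("redirectUris") or []):
        findings.append("redirect URL %s is not registered" % redirect_uri)
    # An uploaded certificate appears under keyCredentials; an expired one cannot authenticate.
    valid_certs = [
        k for k in app.get("keyCredentials") or []
        if datetime.fromisoformat(k["endDateTime"].replace("Z", "+00:00")) > now
    ]
    if not valid_certs:
        findings.append("no unexpired certificate uploaded")
    if not (web.get("implicitGrantSettings") or {}).get("enableAccessTokenIssuance"):
        findings.append("access tokens (implicit flows) not enabled")
    # type "Role" is an application permission; "Scope" is a delegated permission.
    roles = [
        p for r in app.get("requiredResourceAccess") or []
        if r.get("resourceAppId") == SHAREPOINT_APP_ID
        for p in r.get("resourceAccess") or []
        if p.get("type") == "Role"
    ]
    if not roles:
        findings.append("no SharePoint application permission requested")
    return findings

# Constructed sample export: implicit access tokens left off and a delegated
# permission chosen instead of an application permission. IDs are placeholders.
SAMPLE = json.loads("""{
  "appId": "11111111-1111-1111-1111-111111111111",
  "signInAudience": "AzureADMultipleOrgs",
  "web": {"redirectUris": ["http://localhost:33333"],
          "implicitGrantSettings": {"enableAccessTokenIssuance": false}},
  "keyCredentials": [{"type": "AsymmetricX509Cert", "endDateTime": "2030-01-01T00:00:00Z"}],
  "requiredResourceAccess": [{"resourceAppId": "00000003-0000-0ff1-ce00-000000000000",
      "resourceAccess": [{"id": "00000000-0000-0000-0000-000000000000", "type": "Scope"}]}]
}""")

if __name__ == "__main__":
    for finding in audit_registration(SAMPLE):
        print("FINDING:", finding)
```

An empty list means the exported registration matches every step; the `appId` field of the same export is the value used as the OAuthClientId.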