Before you create a Microsoft SharePoint Online connection to read from or write to Microsoft SharePoint Online, be sure to complete the prerequisites.
Generate the client ID and client secret
The client Id and client secret are required to generate a valid access token.
Perform the following steps to generate the client ID and client secret:
1Log in to the Microsoft SharePoint Online account.
The value of the client ID is displayed in the Client Id field. The following image shows the App Information page where you can generate the values of the client ID and client secret:
4Click Generate next to the Client Secret field.
The value of the client secret is displayed in the Client Secret field.
5Enter an appropriate title for the App in the Title field.
6Enter an app domain name in the App Domain field.
For example, www.google.com
7Enter a URL in the Redirect URL field.
For example, https://localhost/. You must enter the same redirect URL in the connection property.
8Click Create.
The page redirects to the Microsoft SharePoint Online page and the following message appears:
The app identifier has been successfully created.
The values of the client ID, client secret, title, and redirect URL are displayed.
Generate the bearer realm
A bearer realm is a unique ID provided for each user. Generate the bearer realm to obtain the authorization code.
Perform the following steps to generate the bearer realm:
1Open the Google PostMan application.
2Enter the following site or subsite URL in the Google PostMan application:
For example, https://icloudconnectivitydev.sharepoint.com/_layouts/15/oauthauthorize.aspx?client_id=ecea5b1b-80e4-4f3e-a269-48b85c1797a8& scope=AllSites.Manage&response_type=code&redirect_uri=https%3A%2F%2Flocalhost%2F
For example, //informaticaone.sharepoint.com/sites/TEST/_layouts/15/oauthauthorize.aspx?client_id=ecea5b1b-80e4-4f3e-a269-48b85c1797a8& scope=AllSites.Manage&response_type=code&redirect_uri=https%3A%2F%2Flocalhost%2F
2Click Trust it to grant the application read access to the current site after the page redirects to the redirect URL page that you specify in the connection property.
The redirect URL page includes the authorization code as a query string in the following format:
https://<redirect_url>/?code=<authcode>
The following image shows the authorization code as a query string in the URI:
Note: The authorization code generated is valid only for five minutes.
Generate the Refresh Token
1Enter the following URL in the Google PostMan application:https://accounts.accesscontrol.windows.net/<bearer_realm>/tokens/OAuth/2
The following image shows the Normal tab in the Google PostMan application where you can configure the properties to generate the refresh token:
2Select the POST method.
3On the Header tab, enter Content-Type in the Key Name field and application/x-www-form-urlencoded in the Value field.
4On the Body tab, enter the xml request in the following format:
grant_type=authorization_code &client_id=<client_id>@<bearer_realm> &client_secret=<client_secret> &code=<auth_code> &redirect_uri=<redirect_url> &resource=< audience principal ID >/<site_host>@<bearer_realm>
5Click Send.
The refresh token is generated in the Response tab. The following image shows the Response tab where the refresh token is generated: