UltanPinergy
Copper Contributor
Sep 24, 2021

What are Correct Values for App Domain and Redirect URI when using SharePoint App Only Authentication

Hi,

I need to write a C# program running on one of our servers (in AWS) to be able to transfer files to and from a shared folder in our SharePoint using App Only Authentication.

I need to use App Only Authentication because MFA is enabled for all our SharePoint user accounts.

I have read thoroughly and followed the instructions given in this Microsoft article.

  • https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureac

Here are the pertinent details.

Please note that, in the following, for security reasons I have replaced actual identifying information with placeholders e.g. replaced the first part of our SharePoint domain name with mysharepoint as in mysharepoint.sharepoint.com

I have set up a client ID and secret using

https://mysharepoint.sharepoint.com/_layouts/15/appregnew.aspx

I have also given the app FullControl using the XML below in the "App's Permission Request XML" field using

https://mysharepoint.sharepoint.com/_layouts/15/appinv.asp

<AppPermissionRequests>
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web/list" Right="FullControl"/>
</AppPermissionRequests>


The first form I mention above - appregnew.aspx - is also asking for an App Domain and a Redirect URI.

I cannot find any guidance anywhere on what these values really mean and what they should be set to.

Do they relate to the domain in which our C# program resides?

If so, how would we make this happen when our C# program makes the request to SharePoint i.e. how do we associate a domain with our C# program in such a way that SharePoint will identify it when our C# program is making a request to SharePoint?

I have tried using the "default" values i.e. http://www.localhost.com for App Domain and https://www.localhost.com for Redirect URI.

However, when trying to upload or download files from SharePoint, I get authorisation errors.

For example, here is the error I get when trying to upload a file:

401 Client Error: Unauthorized for url:
https://<mysharepoint>.sharepoint.com/_api/Web/getFolderByServerRelativeUrl('%2FShared%20Documents%2FMyFolder%2F')/Files/add(overwrite=true,url='test.txt')

 

Also in the AppPermissionRequest, the example given for the Scope is:

"http://sharepoint/content/tenant"

Again I can't find any information on what this should really be? Should it be this value or should it be customised for our SharePoint and if so how?
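
An added example, not part of the original post: a small Python check for a permission request XML like the one quoted above. It reports whether the root element carries `AllowAppOnlyPolicy="true"` (the attribute the add-in permission model uses to opt in to app-only calls) and flags FullControl at tenant or site-collection scope. The helper name `review_permission_xml` and the second sample are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Scope URIs of the SharePoint add-in permission model, broadest first.
# They are fixed literals: the host part is always "sharepoint", not a tenant name.
SCOPES = [
    "http://sharepoint/content/tenant",
    "http://sharepoint/content/sitecollection",
    "http://sharepoint/content/sitecollection/web",
    "http://sharepoint/content/sitecollection/web/list",
]
RIGHTS = ["Read", "Write", "Manage", "FullControl"]  # least to most privileged

# The XML exactly as quoted in the post above.
POSTED_XML = """<AppPermissionRequests>
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web/list" Right="FullControl"/>
</AppPermissionRequests>"""

# Constructed sample: app-only opt-in present, tenant-wide FullControl.
TENANT_XML = """<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl"/>
</AppPermissionRequests>"""


def review_permission_xml(xml_text):
    """Return a list of findings (hypothetical helper, not a SharePoint API)."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    if root.tag != "AppPermissionRequests":
        return [f"unexpected root element <{root.tag}>"]
    findings = []
    # App-only access is an opt-in attribute on the root element.
    if root.get("AllowAppOnlyPolicy", "false").lower() != "true":
        findings.append("AllowAppOnlyPolicy is not set to true")
    for req in root.findall("AppPermissionRequest"):
        scope, right = req.get("Scope"), req.get("Right")
        if scope not in SCOPES:
            findings.append(f"unrecognised Scope: {scope!r}")
        if right not in RIGHTS:
            findings.append(f"unrecognised Right: {right!r}")
        elif right == "FullControl" and scope in SCOPES[:2]:
            findings.append(f"FullControl at broad scope {scope}")
    return findings


if __name__ == "__main__":
    for name, xml_text in [("posted", POSTED_XML), ("tenant", TENANT_XML)]:
        print(name, review_permission_xml(xml_text))
```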
