cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Auth0 authentication with SharePoint REST api

avjoseph365_00
New Contributor

‎Feb 21 2019 10:10 AM

‎Feb 21 2019 10:10 AM

Auth0 authentication with SharePoint REST api

I'm building a company web app with Node/Express and MongoDB. The authentication is handled by Auth0 and I have it set up so employees sign in with their Azure/Office365 credentials.

 

I want to be able to get, post, and put documents in our sharepoint sites from the web app. I.e. I'm building a controller for our Purchase Orders and want to be able to upload the POs to the corresponding specific POs folder in the SharePoint site.

 

Do I need a separate authentication/token for using the sharepoint REST api for doing something like this when users are already signed in to the web app with their Office365/Azure credentials through Auth0?

3,459 Views
0 Likes
3 Replies
Reply
3 Replies
Thomas Berman

‎Feb 22 2019 02:53 AM - edited ‎Feb 22 2019 02:57 AM

‎Feb 22 2019 02:53 AM - edited ‎Feb 22 2019 02:57 AM

Re: Auth0 authentication with SharePoint REST api

Hi Joseph,

 

Here's a pretty comprehensive list of the tools available for authenticating from a Node app to SharePoint Online.

 

https://github.com/SharePoint-NodeJS/Awesome-SharePoint-Node.js

 

What's your situation though? Do you need user permissions? For example, are you making calls to SharePoint lists where you need to return only items to which the logged in user has permissions? If that's the case, you're going to want to use the user's credentials and possibly look at Microsoft Graph with delegated permissions rather than direct connections to SharePoint.

 

https://docs.microsoft.com/en-us/graph/auth-overview

https://docs.microsoft.com/en-gb/graph/tutorials/node?tutorial-step=3

 

If you just need your app to connect to SharePoint and you don't need to security trim results or access by user (all users have the same permissions to your SharePoint list/library), your easiest option is probably to register the app in SharePoint or Azure AD grant it "App-Only" permissions for SharePoint then use the clientID and clientSecret from that. The first link has some resources for doing that from a Node app.

0 Likes
Reply
avjoseph365_00

‎Feb 25 2019 08:04 AM

‎Feb 25 2019 08:04 AM

Re: Auth0 authentication with SharePoint REST api

Thanks Thomas, I'll definitely check out those Node tools. The users will need permissions. I know theres a way to get Office365 groups from Auth0 for use in custom applications but this is the first time ive used Auth0 so not sure of the process with setting everything up I do have all the users in Office365 groups with assigned permissions so they can access the specific sites, folders, files, etc. I do have a web app setup and registered with Azure, which I assigned specific permissions for the app, but I'm not sure if I need to do any other form of backend authentication with the app when I interact with the SharePoint API for uploading foles to SharePoint Sites, or if just the Auth0 authentication I have in place will be enough. I havent used the SharePoint API before and not too sure how it works. Thanks again
0 Likes
Reply
best response confirmed by avjoseph365_00 (New Contributor)
Thomas Berman

‎Feb 26 2019 04:56 AM

‎Feb 26 2019 04:56 AM

Solution

Re: Auth0 authentication with SharePoint REST api

As it happens, @Paolo Pialorsi just did a demo on a potentially similar situation to yours!

 

https://www.youtube.com/watch?v=cRuSk21N810

1 Like
Reply