Mar 05 2020 10:31 PM
Mar 05 2020 10:31 PM
I have registered SharePoint addin in azure and granted admin consent to the app. I am able to generate token in postman by specifying client credentials and resource details and the received token contain has got "Site.Read.All" role (token obtained from accounts.accesscontrol.windows.net). But in the subsequent SharePoint REST API call to fetch the list details using this token , I am getting 403 Forbidden error.
.Can anyone help?
Mar 06 2020 08:48 AM
Hey @reshk1950 ,
So, you need to register an application to use SharePoint or are you just trying to query SharePoint from Postman? If you want to make some REST queries and that's it, the fastest way would be to:
Of course, if you need to register an application you would have to go a lot deeper than this. Let me know if it helps.
Oct 27 2021 04:32 AM
Oct 27 2021 10:23 PM
To get a token from your application, without user interaction, you should use the client credentials flow. Here's the official documentation from Microsoft. Since you're using Postman, notice that they provide a great collection of REST calls to get the token that you need. But before that, you should use Azure to create an app registration and set up the permissions you need. The article you mentioned uses an old and non-recommended way to authenticate to SharePoint.
Now, to connect directly to your SharePoint site and make your CRUD requests, I would recommend you use the PnP Core SDK, a great library for .NET that simplifies the authentication and the requests for you.
The problem using the client credentials flow is that, to connect to SharePoint, you need to generate and upload a certificate, which could be a pain in the butt. If you follow through the process to generate and upload a certificate to Azure, then you can use the PnP Core SDK to talk to SharePoint.
However, the easiest way to talk to SharePoint, without having to create and upload a certificate, would be to get a token to MS Graph, and use the /sites endpoint to talk to your SharePoint site. From there, you can make CRUD requests to your list as well, once you find the endpoint to it. The upside of this approach is that you only need a client id and a client secret to get a token from MS Graph, so you'd be able to test the requests through Postman.
Let me know if you need help following any of these approaches.
Oct 27 2021 11:30 PM