What are Correct Values for App Domain an Redirect URI when using SharePoint App Only Authentication

Occasional Visitor

 

Hi,

 

I need to write a C# program running on one of the our servers (in AWS) to be able to transfer files to and from a shared folder in our Sharepoint using App Only Authentication.

 

I need to use App Only Authentication because MFA is enabled for all our SharePoint user accounts.

 

I have read throroughly and followed the instructions given in this Microsoft article.

 

Here are the pertinent details.

 

Please note that, in the following, for security reasons I have replaced actual identifying information with placeholders e.g. replaced the first part of our SharePoint domain name with mysharepoint as in mysharepoint.sharepoint.com

 

I have set up a client ID and secret using

https://mysharepoint.sharepoint.com/_layouts/15/appregnew.aspx

 

I have also given the app FullControl using the XML below in the "App's Permission Request XML" field using

https://mysharepoint.sharepoint.com/_layouts/15/appinv.asp

 

<AppPermissionRequests>
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web/list" Right="FullControl"/>
</AppPermissionRequests>


The first form I mention above - appregnew.aspx - is also asking for an App Domain and a Redirect URI.

 

I cannot find any guidance anywhere on what these values really mean and what they should be set to.

 

Do they relate to the domain in which our C# program resides?

 

If so, how would we make this happen when our C# program makes the request to Sharepoint i.e. how do we associate a domain with our C# program in such a way that Sharepoint will identify it when our C# program is making a request to Sharepoint?

 

I have tried using the "default" values i.e. www.localhost.com for App Domain and https://www.localhost.com for Redirect URI.

 

However, when trying to upload or download files from Sharepoint, I get authorisation errors.

 

For example, here is the error I get when trying to upload a file:

 

401 Client Error: Unauthorized for url:
https://<mysharepoint>.sharepoint.com/_api/Web/getFolderByServerRelativeUrl('%2FShared%20Documents%2FMyFolder%2F')/Files/add(overwrite=true,url='test.txt')

 

Also in the AppPermissionRequest, the example given for the Scope is:

"http://sharepoint/content/tenant"

 

Again I can't find any information on what this should really be? Should it be this value or should it be customised for our SharePoint and if so how?

0 Replies