What data is sent when requesting an app only token with a certificate?
I am attempting to create an integration with the SharePoint API that requires no human interaction to perform its tasks. The language I am programming in is PHP. So far, all attempts to do so using client ID/secret have failed, with the use of the token returning "unsupported app only token". I have been attempting to find information on using X.509 certificates for my app to log in. However, everything I can find is in C#, and does not contain the data I require. Could someone please list the following: - URL. I believe this is the same .../token URL that the other method is supposed to use, but I could be wrong. - Header contents. - Body contents. - Body format. - If there is parsed/encoded data, such as the certificate, or something from the certificate, please also include what also needs to be done to it. Thank you for your time.SharePoint API authorization token
I am attempting to build an integration between the product the company I work for sells, and SharePoint. The purpose of the app is to create a folder or site structure based on data, and retrieve links to the files users upload to that structure so we can redirect people to them. The admin that takes care of our office365 set up the app, and I can get access tokens, but I get "Exception of type 'Microsoft.IdentityModel.Tokens.AudienceUriValidationFailedException' was thrown." or "Unsupported app only token." as a response. Here is how I am getting the token: URL: https://login.microsoftonline.com/<<tenant ID>>/oauth2/v2.0/token Headers: Content-Type: application/x-www-form-urlencoded Body (without URL encoding): client_id=<<client ID>>&scope=https://CompanyName.sharepoint.com/.default&client_secret=<<client secret>>&grant_type=client_credentials Request Type: POST Here is an example of what I am attempting to send (a request to get a list of files in a folder): URL: http://CompanyName.sharepoint.com/_api/web/GetFolderByServerRelativeUrl('/Folder1')/Files Headers: Authorization: bearer <<Access Token>> Accept: application/json;odata=verbose Request Type: GET