Sharepoint Online REST API with Azure AD v2.0 authentication

1
votes

Is it possible to authenticate to Sharepoint Online REST API with Azure AD application v2.0 authentication? If yes, which scope should I use for requesting my permissions. Now (for MS Graph API usage) I request "https://graph.microsoft.com/.default" as scope but didn't find any alternative to this for Sharepoint Online REST API.

I already registered an application on apps.dev.miscrosoft.com, this application is available on portal.azure.com. There I have added required permissions for Sharepoint Online.

2
azuresharepointmicrosoft-graph-api

2 Answers

0
votes

It should be the same authentication with Azure AD, the scope you are looking for should be the Site scopes.

https://docs.microsoft.com/en-us/graph/permissions-reference?view=graph-rest-beta#sites-permissions

Do not have SharePoint sites to check but if permission are granted to the application you should be able to query SharePoint site using Azure Graph APIs.

https://docs.microsoft.com/en-us/graph/api/resources/sharepoint?view=graph-rest-beta

Overview

https://docs.microsoft.com/en-us/graph/sharepoint-concept-overview

2
votes

Yes you can. To do this first you need to get a new access token using a regular refresh token you got for the graph already:

POST https://login.microsoftonline.com/{{tenantName}}/oauth2/v2.0/token

Except this time pass the following for the scope header:

https://{{tenantName}}.sharepoint.com/Sites.Read.All

Your application will need to already be consented for this scope etc...

The response will give you can access token that can be used again SPO APIs.