Enable OAuth

Microsoft® SharePoint 2016 or 2019 uses OAuth 2.0. To enable OAuth, follow these steps.

Procedure

  1. Sign in to Microsoft® SharePoint with your credentials.

  2. Register the add-in in Microsoft® SharePoin. To register the add-in, enter the following URL:

    https://<sitename>.SharePoint.com/_layouts/15/appregnew.aspx.

    1. Click Generate to generate the Client Id and Client Secret.

    2. Enter the add-in title.

    3. Enter localhost in the App Domain field.

    4. Enter https://localhost in the Redirect URI field.

      Enable OAuth

  3. Click Create.

    After registering the add-in, you have everything required to use ARIS together with Microsoft® SharePoint 2016 or 2019.

  4. Copy the Client ID and Client secret and save it to hand it over to the administrator who configures OAuth for ARIS document storage in ARIS.

  5. Grant permission to the add-in. To grant permissions for the add-in, enter:

    https://<sitename>.SharePoint.com/_layouts/15/appinv.aspx.

    1. Set the Read permission level to the web scope to be able to read the web information.

    2. Enter the client ID in the AppId field to retrieve the add-in details and click on Lookup.

      The fields retrieve and display the details of the add-in.

      Grant permission

    3. To allow Read permission, enter the following into the Permission Request XML field.

      <AppPermissionRequests AllowAppOnlyPolicy="true">

      <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="Read" />

      </AppPermissionRequests>

      To allow full control, enter the following into the Permission Request XML field.

      <AppPermissionRequests AllowAppOnlyPolicy="true">

      <AppPermissionRequest Scope="http://sharepoint/content/sitecollection"

      Right="FullControl" />

      </AppPermissionRequests>

      Specify permission

    4. Click Create.

    5. Click Trust it.

      Confirmation

  6. Get the tenant ID from Microsoft® SharePoint online. To get the tenant ID, enter the following:

    https://<sitename>.SharePoint.com/_layouts/15/appprincipals.aspx?Scope=Web.

    Get tenant ID

  7. To enable the search service for the OAuth connection, you must grant a tenant level read permission to the add-in.

    1. Navigate to the Microsoft® SharePoint admin grant permission page. To do so, enter the following URL: https://<sitename>-admin.sharepoint.com/_layouts/15/appinv.aspx in the browser.

      Enable search service for OAuth

    2. Enter the client ID, which we have generated earlier, in the AppId field to retrieve the add-in details and click Lookup. That will populate the values for the Title, App Domain, and Redirect URL fields.

      In the Permission Request XML text box, enter the following XML syntax as it is to allow read permission at tenant level.

      <AppPermissionRequests AllowAppOnlyPolicy="true">

      <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="Read" />

      </AppPermissionRequests>

      Give read permission at tenant level

You have enabled OAuth for Microsoft® SharePoint 2016 or 2019.