Azure HTTP PowerShell Function App - Get Data Using Client ID, Tenant And Thumbprint

Introduction

 
This article will give you a basic idea about how to Get Data from SharePoint List using Azure HTTP PowerShell Function App with the help of Client ID, Tenant & Thumbprint.
 

Steps 

  • To authenticate a SharePoint Site with Azure function App, we require a Private & Public certificate.

    You can generate an Azure Security certificate using the following PowerShell Commands.

    Open your windows Powershell or Windows ISE to run the below command.

    1. $password = "*******" | ConvertTo-SecureString -AsPlainText -Force  
    2.   
    3. New-PnPAzureCertificate -CommonName "[Name]" -ValidYears 2 -CertificatePassword $password -OutPfx "D:\Laptop Backup\Certificates\[filename.pfx]" -OutCert "D:\Laptop Backup\Certificates\[filename.cer]"  
    Note
    Specify password, Common Name, proper path and filename

  • Log in to the Azure Portal: https://portal.azure.com
  • To fetch data from SharePoint using Function App we need to register App and provide required Permission to API.
  • Go to Azure Active Directory

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • Click on App Registration

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • Give an App Name and select Access API.
  • If you want to fetch data from the current Tenant, then select "Account in this organizational Directory only (Single Tenant)".

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

    Note
    I have provided name as “ADAppAZSPPnP”

  • Once App Registration is done, go to the App. 
  • Copy Application (Client ID)
  • To access SharePoint data, we need to provide Permission to this API. For that, click on API Permission

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • Click on Add Permission.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • Here, we can select connectors. We can also select any API supported by Azure.

  • Select SharePoint.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint 

  • On SharePoint API Permissions, request select “Application Permissions”.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • Select the required permission level. In this case, we need to fetch data, so I selected “Sites.Read.All”.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

    Note
    This will provide selected Permission to the whole SharePoint tenant.

  • Once permission is selected, we need to grant permission. Click on Grant Admin consent.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • For the registered app, we need to add certificates, which we created earlier.
  • For App registration, we need to upload a public certificate “.cer”
  • Click on Certificates & secrets.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint
  • Click on Upload Certificate.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • After uploading a certificate, copy your Thumbprint. It will be required in PowerShell script for Site Authentication.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • Go to the Function App. On function app, we need to update configuration settings of the App.
  • Click on Configuration.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • On configuration settings, click on New Application Setting.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

    Add the following application settings:

     ClientID Paste Client ID which is copied from App Registration
     SiteURL SharePoint SiteURL to fetch data
     Tenant [tenantname].onmicrosoft.com
     Thumbprint Paste Thumbprint ID which is copied from Certificate
     WEBSITE_LOAD_CERTIFICATES *
  • To Authenticate Function App with SharePoint using API, we need to upload the Private Key certificate. For that, go to the TLS/SSL settings of the Function App.

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • Go to the Private Key Certificate tab and upload the private certificate which we created with the extension “.pfx”

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • While uploading the certificate, provide a password which we added while creating the certificate

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

  • Go to the Function App, if already function is Available, we can use the same or we can create a new one.

    To create a new function, refer to post 1.

    If you create a new function then you need to upload SharePointPnP dll files under the root folder of a function. For more info, refer to the below article.

    Create an Azure HTTP Trigger PowerShell Function App

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint
Under the code section, paste the below code:
  1. using namespace System.Net  
  2. Import-Module 'D:\home\site\wwwroot\[FunctionName]\modules\SharePointPnPPowerShellOnline\Newtonsoft.Json.dll'  
  3. Write-Host "Powershell http trigger"  
  4. $requestBody = Get-Content $req -Raw | ConvertFrom-Json  
  5.   
  6. $tenant = $env:Tenant  
  7. $cleintid = $env:ClientID  
  8. $thumbprint = $env:Thumbprint  
  9. $siteurl = $env:SiteURL  
  10. $listname = "[ListName]"  
  11.   
  12. Connect-PnPOnline -Url $siteurl -ClientId $cleintid -Thumbprint $thumbprint -Tenant $tenant  
  13.   
  14. $web = Get-PnPWeb  
  15. $title = $web.Title  
  16. $listitems = Get-PnPListItem -List $listname  
  17. $listArray = New-Object System.Collections.Generic.List[System.Object]  
  18. foreach ($item in $listitems)  
  19. {  
  20.     $listArray.Add([hashtable]@{  
  21.             DisplayTitle=$item["Title"];  
  22.             Id= $item["ID"]  
  23.         }  
  24.     )  
  25. }  
  26. $json = $listArray | ConvertTo-Json  
  27. Out-File -Encoding Ascii -FilePath $res -inputObject $json  
  • To check output, click on run or Copy the Function URL and run in a browser.
  • If you are trying to call this API from a specific application, then you need to add an application hostname in Function App CORS settings.

    Go to Function App API managment ==> CORS

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

    Under CORS settings add the hostname of the application, if you want to make it open for all External applications then set "*"

    Azure HTTP PowerShell Function App To Get Data Using Client ID, Tenant And Thumbprint

Summary

 
Using the Azure Function App, we can use SharePoint Data to Open source, any HTML, or other systems.
 
With the use of Client ID, thumbprint & tenant, we don't need to enter the credentials of the user.


Similar Articles