How To Perform A SharePoint App-Only Authentication In Power Automate

Introduction

  • In this article, we will learn how to perform SharePoint app-only authentication in Power Automate.
  • As the example, we will get the users of a SharePoint group through SharePoint app-only authentication in Power Automate.
  • SharePoint App-Only is older, but it is useful in many scenarios.

First, we will learn how to create a SharePoint App for authentication.

How to create a SharePoint App

Step 1. Navigate to your site collection and then open the appregnew.aspx page.

https://{tenant name}.sharepoint.com/_layouts/15/appregnew.aspx

Step 2. On this page, click on the Generate button to generate a client ID and client secret.

Step 3. Store the retrieved information (client ID and client secret). We will need this in the next steps.

Step 4. In the Title field, type the name of the App. For App Domain, type www.localhost.com, and for Redirect URI, type https://www.localhost.com.

Step 5. Now click on the Create button.

Step 6. Now we need to grant permission to the newly created app. To grant permission, go to the appinv.aspx page of your site.

https://{tenant name}.sharepoint.com/_layouts/15/appinv.aspx

Step 7. Once the page is loaded, add the client ID in the App Id field and click on the Lookup button.

Step 8. On clicking the Lookup button, it will fill in other information like Title, App Domain, and Redirect URL.

Step 9. Now, in the Permission Request XML field, enter the XML below.

<AppPermissionRequests AllowAppOnlyPolicy="true">
    <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" />
</AppPermissionRequests>

Step 10. Now click on the Create button. When you click on the Create button, it will redirect to a permission consent dialog. Press Trust It to grant the permissions.

Step 11. Now our SharePoint app is ready, so let’s move to Power Automate.

How to use this Client ID and Client Secret in Power Automate?

Step 1. We will use the HTTP request action of Power Automate, which requires a premium license.

Step 2. We will need the below IDs.

  • Client ID, which we have generated while creating the App in the SharePoint site.
  • Client Secret, which we have generated while creating the App in the SharePoint site.
  • Tenant ID. To get the tenant ID, go to https://portal.azure.com/ and open Azure Active Directory. Here you can see your tenant ID.

Step 3. First, we need to get the token using the client ID, client secret, and tenant ID. To get the token, add the HTTP request action in Power Automate and set the parameter values as below.

  • Method: POST
  • URI: https://accounts.accesscontrol.windows.net/{tenant id}/tokens/OAuth/2
  • Headers: Content-Type: application/x-www-form-urlencoded
  • Body: grant_type=client_credentials&client_id={CLIENT ID}@{TENANT ID}&client_secret={CLIENT SECRET}&resource=00000003-0000-0ff1-ce00-000000000000/{TENANT NAME}.sharepoint.com@{TENANT ID}

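Step 4. Now add the Compose action and enter the formula below in the Inputs field. The formula refers to the HTTP request action from Step 3 by name, so that action must be named Get SP Token.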

body('Get_SP_Token')['access_token']

Step 5. Now add another HTTP request action and set the parameter values as shown below.

  • Method: GET
  • URI: https://{TENANT NAME}.sharepoint.com/_api/web/sitegroups/getbyname('{SHAREPOINT GROUP NAME}')/users
  • Headers: Accept: application/json;odata=verbose
  • Headers: Authorization: Bearer outputs('Compose') (type Bearer and a space, then insert outputs('Compose') as an expression)

Step 6. Now you can test the flow. Once flow execution is completed, you can see the users of the group in the Body section of the above HTTP request action (Get SP Group Users).

Step 7. Now you can use the Apply to each action to perform any action on each user.
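
The two HTTP requests from Steps 3 to 5, built as plain data in Python so the URI, headers and body can be checked outside the flow. This is an added example, not code from the original article: the function names are hypothetical, and the tenant, client ID, secret, token and group name are constructed values. It goes one step beyond the page by percent-encoding the secret and the group name, which the raw templates above leave to the reader.

```python
from urllib.parse import quote, urlencode

# SharePoint resource principal ID, as used in the Step 3 body on the page.
SHAREPOINT_PRINCIPAL = "00000003-0000-0ff1-ce00-000000000000"


def build_token_request(tenant_id, tenant_name, client_id, client_secret):
    """Step 3: the POST that exchanges client ID and secret for a token."""
    form = {
        "grant_type": "client_credentials",
        "client_id": f"{client_id}@{tenant_id}",
        "client_secret": client_secret,
        "resource": f"{SHAREPOINT_PRINCIPAL}/{tenant_name}.sharepoint.com@{tenant_id}",
    }
    return {
        "method": "POST",
        "uri": f"https://accounts.accesscontrol.windows.net/{tenant_id}/tokens/OAuth/2",
        "headers": {"Content-Type": "application/x-www-form-urlencoded"},
        # urlencode percent-encodes '+', '/', '=' and '@'. Form decoding turns
        # a raw '+' into a space, so a secret pasted unencoded can be rejected.
        "body": urlencode(form),
    }


def build_group_users_request(tenant_name, group_name, token_response):
    """Steps 4-5: take access_token from the response and build the GET."""
    token = token_response["access_token"]  # body('Get_SP_Token')['access_token']
    # Double single quotes for the OData string literal, then encode for the URL.
    literal = quote(group_name.replace("'", "''"), safe="")
    return {
        "method": "GET",
        "uri": f"https://{tenant_name}.sharepoint.com/_api/web/sitegroups/getbyname('{literal}')/users",
        "headers": {
            "Accept": "application/json;odata=verbose",
            "Authorization": f"Bearer {token}",
        },
    }


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    tenant_id = "11111111-2222-3333-4444-555555555555"
    req = build_token_request(tenant_id, "contoso",
                              "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee", "abc+def/ghi=")
    print(req["uri"], req["body"], sep="\n")
    fake_response = {"token_type": "Bearer", "access_token": "constructed-token"}
    print(build_group_users_request("contoso", "Site Owners", fake_response))
```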

Summary

This is how we can perform a SharePoint app-only authentication in Power Automate. I hope this article will be helpful!

