How To Create Access Token From SharePoint Online?

How To Create Access Tokens From SharePoint Online?

An access key token is used to authenticate your access to Microsoft translator API. It provides secure access to Microsoft Translator API.

Here we can set up OAuth for SharePoint Online to authorize REST API calls to the SharePoint site to retrieve and manipulate the site data. 

Below are the detailed steps,

Step 1

Register an app in SharePoint. 

Step 2

Navigate to https://your_site_name.com/_layouts/15/appregnew.aspx 

Step 3

Click Generate for Client Id and Client Secret.

Step 4

It will ask to fill in Client Id, Client Secret, Title, App Domain, and Redirect URI.

  • Client Id is a GUID for the SharePoint Add, which we got while registering the App.
  • Client Secret- it is the password for the add-ins. It is associated with the client id; it will be shown again. We need to store it securely or be able to regenerate a new client secret.
  • Title-  You can fill in any name, which is used to display in the add-in trust screen.
  • App Domain- The host of the remote server of the add-in. If the https is not configured in 443, we need to mention the port number.
  • Redirect URI- The endpoint of the remote application to send the ACS authentication code. 

Note. The Client's secret key validity is one year since the creation of your Apps. We will use Powershell to update the key.

Step 5

Generate a new ClientSecret for this clientID. It uses the same clientId as set in the above step. The new ClientSecret is valid for 3 years. 

$bytes = New-Object Byte[] 32  
$rand = [System.Security.Cryptography.RandomNumberGenerator]::Create()  
$rand.GetBytes($bytes)  
$rand.Dispose()  
$newClientSecret = [System.Convert]::ToBase64String($bytes)  
$dtStart = [System.DateTime]::Now  
$dtEnd = $dtStart.AddYears(3)  
New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Symmetric -Usage Sign -Value $newClientSecret -StartDate $dtStart  -EndDate $dtEnd  
New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Symmetric -Usage Verify -Value $newClientSecret   -StartDate $dtStart  -EndDate $dtEnd  
New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Password -Usage Verify -Value $newClientSecret   -StartDate $dtStart  -EndDate $dtEnd  
$newClientSecret

Step 6

Copy the output of $newClientSecret.

Step 7

Replace the Web.config with this ClientId and ClientSecret. You don't need SecondaryClientSecret app settings.

Step 8

Wait at least 24 hours to propagate ClientSecret to SharePoint Office (SPO)

Create a Package for your Client 

Step 1

Open SharePoint Online.

Step 2

Put the URL "  https://your_site_name.com/_layouts/15/appregnew.aspx ". 

How To Create Access Token From SharePoint Online?

Fill in the details,

How To Create Access Token From SharePoint Online

After that, you have to click Create a button to get a confirmation screen.

How To Create Access Token From SharePoint Online

Summary

Here are the steps for creating the Access key token in SharePoint online and extending the Client secret using the Powershell command.