
A situation recently popped up at work where we had a partner that needed to download files from one of our SharePoint Document Libraries. The partner preferred to create a script that would download the files to their systems. Rather than creating a user account with credentials to access the document library, we choose to use an App ID with limited permissions.
App Authentication
App Authentication is available with SharePoint Online and SharePoint OnPremis
Register your app:
Browse out to your site collection: (Example: https://tenantname.sharepoint.com/site/sitename)
Browse to the "hidden" appregnew.aspx page. (Example: https://tenantname.sharepoint.com/site/sitename/_layouts/15/appregnew.aspx)
Select Generate to create your App ID then Generate to create your Client Secret.
Give your AppID a name
Then enter an App Domain and Redirect URI.
Select Create
Be sure to document the App ID, Secret and Title somewhere.
Give your app permissions
Browse to your site collection: (Example: https://tenantname.sharepoint.com/site/sitename)
Browse to the "hidden" appinv.aspx page. (Example: https://tenantname.sharepoint.com/site/sitename/_layouts/15/appinv.aspx)
Enter the App ID that was documented in Step 7 and select Lookup
Enter the permissions XML in the Permissions Request XML box. (Example: <AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="[SCOPE]" Right="[PERMISSION]" /> </AppPermissionRequests> [SCOPE]"= Use a value from the list below without the [] [PERMISSION] = Use a value from the list below without the [] You can assign multiple permissions to the App, for example you may want an App to have read permissions to a site and write permissions to a list. Just add another AppPermissionRequest line.) Use the values below exactly as written Don't do what I did the first time and try an put the actual site address in the SCOPE part of the xml. :) Scope of permissions Tenant: http://sharepoint/content/tenant Site Collection: http://sharepoint/content/sitecollection Sub Site: http://sharepoint/content/sitecollection/web List or Library: http://sharepoint/content/sitecollection/web/list Permissions Read and download: Read Add, edit and delete: Write Full access: FullControll
Select Create If you selected a List or Library you will be prompted to choose what List or Library to apply the permissions too.
Comentarios