Creating an App in the Microsoft Azure Active Directory
An App must first be registered in the Microsoft Azure Active Directory before you can configure the Adapter for SharePoint Drive.
Create an App in the Microsoft Azure Active Directory
The Microsoft account Administrator needs to ensure that the Microsoft account used in the Adapter configuration has access to the Microsoft Azure Active Directory.
- Procedure
- Enter the following URL in a web browser.
If you are not already signed into Microsoft Azure, a sign-in dialog for Microsoft Azure opens, as shown in the following image.
- Enter valid Microsoft account credentials that have access to the Microsoft Azure Active Directory, and click Sign in.
The Microsoft Azure Dashboard screen opens, as shown in the following image.
- In the left panel, click Azure Active Directory.
The Azure Active Directory screen opens, as shown in the following image.
- In the left panel, click App registrations.
The App registrations screen opens, as shown in the following image.
- Click + New registration.
The Register an application panel opens, as shown in the following image.
- Enter the following values.
- Enter a Name for your new App.
- Select Public client/native (mobile & desktype) for the Application Type.
- Enter the host name and port used to access the WebFOCUS Reporting Server browser interface, appended with oauth20.exe, in the Redirect URI field.
For example:
http://host.ibi.com:8121/oauth20.exe
- Click Register.
The App Registration Overview screen for the created App opens, as shown in the following image.
- Click Endpoints.
The Endpoints panel opens, as shown in the following image.
- Click the Copy icon next to the OAuth 2.0 authorization endpoint (v1) field, and paste the copied Endpoint to a document that can be referenced when configuring the SharePoint Drive Adapter Connection.
For example:
https://login.microsoftonline.com/ cc6a2eeb-586d-4063-9057-xxxxxxxxxxxx/oauth2/authorize - Click the Copy icon next to the OAuth 2.0 token endpoint (v1) field and paste the copied Endpoint to a document that can be referenced when configuring the SharePoint Drive Adapter Connection.
For example:
https://login.microsoftonline.com/ cc6a2eeb-586d-4063-9057-xxxxxxxxxxxx/oauth2/token - Close the Endpoints panel.
The App Registration Overview screen for the created App is displayed, as shown in the following image.
- Click the Copy icon next to the Application (client) ID field and paste the copied Application (client) ID to a document that can be referenced when configuring the SharePoint Drive Adapter Connection.
For example:
f131408f-5217-4e91-97bf-5aec5d613a3e
- Click View API permissions.
The API permissions screen opens, as shown in the following image.
- Click + Add a permission.
The Request API permissions panel opens, as shown in the following image.
- Click the SharePoint rectangle.
The type of permissions panel opens, as shown in the following image.
- Click Delegated permissions.
Select permissions is added to the type of permissions panel, as shown in the following image.
- Expand AllSites and check the appropriate permissions.
For example:
AllSites.FullControl
- Click Add permissions.
The API Permissions screen opens showing the added permissions, as shown in the following image.
Depending on the permission, if the Status of any of the added permissions shows as Not granted, the Users Administrator for the SharePoint Online environment must grant admin consent.
- Click + Add a permission, and follow the previous instructions to add Microsoft Graph permissions.
The API Permissions screen opens showing the added permissions, as shown in the following image.
The Microsoft Graph API permissions Files.ReadWrite.All, Site.ReadWrite.All, and User.Read, as well as the SharePoint API permissions AllSites.Read and AllSites.Write do not require admin consent and will be sufficient for the SharePoint Drive Adapter, as shown in the following image.
