At line 1 changed one line |
!!!1. Sharepoint Microsoft Graph REST API based integration.\\ |
!!!1. Sharepoint Microsoft Graph REST API-based integration.\\ |
\\ |
More info about Microsft Graph REST API: [https://learn.microsoft.com/en-us/graph/api/resources/onedrive?view=graph-rest-1.0}]\\ |
\\ |
At line 4 changed one line |
__!!!Constraint:__ Microsoft Graph REST API does not support stream upload. In order to integrate with CrushFTP the files are temporary stored as local file (CrushFTP install folder/sharepoint/) during the upload.\\ |
__Proxy__: If your server's internet connection uses a proxy server. You need to whitelist domains: login.microsoftonline.com, graph.microsoft.com\\ |
At line 6 changed one line |
Go to the the Microsoft azure portal: [https://azure.microsoft.com/en-us/features/azure-portal]/\\ |
Go to the Microsoft Azure portal: [https://azure.microsoft.com/en-us/features/azure-portal]/\\ |
At line 12 changed one line |
Name it. Select the Multitenant and personal Microsoft accounts type. The redirect url must ends with: register_microsoft_graph_api/. Then click on register.\\ |
Name it. Select the Multitenant and personal Microsoft accounts type. The redirect URL must end with register_microsoft_graph_api/. Then click on register.\\ |
At line 14 changed one line |
[attachments|register_app.png] |
[attachments|register_app.png]\\ |
At line 16 changed one line |
__API permission :__ You also need to provide permission for the Microsoft Graph. Go to the Api permission. Click on Add permission, select Microsoft Graph. Choose Delegated permission and add the "Files.ReadWrite.All" permission:\\ |
Under the redirect URL enable the __Access Token__ to be issued by the authorization endpoint:\\ |
At line 21 added 40 lines |
[attachments|SMTP Microsoft Graph XOAUTH 2 Integration/enable_access_token.png]\\ |
\\ |
__API permission:__ You must also provide permission for the Microsoft Graph. Go to the Api permission. Click on Add Permission, and select Microsoft Graph. About __Microsoft Graph Permission__ see more details at [https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http] (it explains Application Permission and Delegated Permission).\\ |
\\ |
!!!1.1 Application Permission:\\ |
\\ |
__Available on Version 10.5.1 Build : 14+__\\ |
\\ |
It permits a Server to __server-to-server__ authentication. Add __Files.REadWriteAll__ permission.\\ |
\\ |
[OneDriveSetup/ms_graph_app_permission.png]\\ |
\\ |
Grant __Admin consent__ on the added permission.\\ |
\\ |
[attachments|app_permission_admin_consent.png]\\ |
\\ |
__Client id : __ You can find it at Azure portal -> App Registration -> Overview:\\ |
\\ |
[attachments|client_id.png]\\ |
\\ |
__Secret key:__ A new client secret needs to be created as well. Go to the "Certificate & secrets" and generate a new secret key. Click on New client secret.\\ |
\\ |
[attachments|new_secret.png]\\ |
\\ |
[attachments|secret_value.png]\\ |
\\ |
__Authentication related settings:__\\ |
\\ |
__User name:__ Itt must start with "app_permission", then the Client ID separated with tilda.\\ |
{{{ |
app_permission~<<Client ID>> |
}}}\\ |
__Password:__ Client Secret.\\ |
__Tennant:__ The tenant id. Tenant: See your App registration -> Overview -> EndPoints. Based on the App Registration Account type it can be an ID, common, or consumer.\\ |
Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ( Link: [https://www.crushftp.com/crush10wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings]\\ |
\\ |
[attachments|app_permission_vfs_item.png]\\ |
\\ |
!!!1.2 Delegated Permission:\\ |
\\ |
At line 25 changed one line |
__Secret key :__ A new client secret needs to be created as well. Go to the "Certificate & secrets" and generate a new secret key. Click on New client secret.\\ |
__Secret key:__ A new client secret needs to be created as well. Go to the "Certificate & secrets" and generate a new secret key. Click on New client secret.\\ |
At line 71 added one line |
\\ |
At line 32 changed one line |
__!!! CrushFTP admin page url must match with the redirect url.__ In our example : http://localhost:9090\\ |
__!!! The CrushFTP admin page URL must match the redirect URL.__ In our example : http://localhost:9090\\ |
At line 34 changed one line |
Select SharePoint item type click on "Get Refresh Token" button. Provide the Client ID and Client Secret, and Tenant (in almost all case it is just: common).\\ |
Select the SharePoint item type and click on the "Get Refresh Token" button. Provide the Client ID and Client Secret Value (not ID, see the screenshot), and Tenant (in almost all cases it is just: common).\\ |
At line 38 changed one line |
Click on "OK" button, log in with your azure credentials, allow CrushFTP to have access to your SharePoint files. After that the form will disappear and the username and password will be filled. Done.\\ |
Click on the "OK" button, log in with your Azure credentials, and allow CrushFTP to have access to your SharePoint files. After that the form will disappear and the username and password will be filled. Done.\\ |
At line 42 changed one line |
__Sharepoint specific settings:__\\ |
!!!1.3.Sharepoint-specific settings:__\\ |
At line 46 changed 4 lines |
__Site id__ : The sharepoint domain name.\\ |
__Site Path__ : The path of the SharePoint site. It should start and end with slash.\\ |
__Drive name__ : Each SharePoint site has document library where the site related files are stored. See [https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provied it's name\\ |
__Folder__ : Relative path of the document library of the sharepoint site. |
__Site id__ : The SharePoint domain name.\\ |
__Site Path__: The path of the SharePoint site. It should start and end with a slash.\\ |
__Drive name__: Each SharePoint site has a document library where the site-related files are stored. See [https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provide its name.\\ |
__Folder__: Relative path of the document library of the SharePoint site.\\ |
__Conflict Behaviour__: \\ |
- __Rename__ the file/folder if already exits\\ |
- __Replace__ the file/folder if already exits\\ |
- __Fail__ if the file/folder already exists\\ |
At line 51 changed one line |
!!! 2. SharePoint REST service API based integration\\ |
!!! 2. SharePoint REST service API-based integration\\ |
At line 55 changed one line |
__!!!Constraint:__ On newer Sharepoint (after 2019) Grant App permission is disabled by default. To enable Custom Application APP Authentication run the following PowerShell commands:\\ |
__!!!Constraint:__ On newer Sharepoint (after 2019) Grant App permission as it is disabled by default. To enable Custom Application APP Authentication run the following PowerShell commands:\\ |
At line 110 added one line |
get-spotenant | Select DisableCustomAppAuthentication |
At line 113 added one line |
Or |
At line 65 changed one line |
__Advantage(Compared with MSGraph API)__: Stream upload supported. There is no temporary stored local file during the upload.\\ |
{{{ |
$creds = Get-Credential |
$orgName="<name of your Office 365 organization>" |
Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential $creds |
get-spotenant | Select DisableCustomAppAuthentication |
set-spotenant -DisableCustomAppAuthentication $false |
}}} |
|
At line 124 added 2 lines |
__Advantage(Compared with MSGraph API Delegated Permission)__: Stream upload supported. There is no temporarily stored local file during the upload.\\ |
\\ |
At line 68 changed one line |
Navigate and login to SharePoint online site. Got to Register Add-In page by entering the url as: \\ |
Navigate and log in to the SharePoint online site. Got to the Register Add-In page by entering the URL as: \\ |
At line 72 changed one line |
Click Generate button.\\ |
Click the Generate button.\\ |
At line 87 changed one line |
This will redirect to Grant permission page. Enter the __Client ID__(generated earlier), in __AppId__ textbox and click Lookup button.\\ |
This will redirect to the Grant permission page. Enter the __Client ID__(generated earlier), in the __AppId__ textbox and click the Lookup button.\\ |
At line 149 added 5 lines |
Permission Request XML content: \\ |
{{{ |
<AppPermissionRequests AllowAppOnlyPolicy="true"> |
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl"/></AppPermissionRequests>}}}\\ |
\\ |
At line 94 changed 2 lines |
User name : \\ |
Password : \\ |
__User name__ : The created __Client ID__\\ |
__Password__ : The created __Client Secret__\\ |
__Site id__ : The sharepoint domain name.\\ |
__Site Path__: The path of the SharePoint site. It should start and end with a slash.\\ |
__Drive name__: Each SharePoint site has a document library where the site-related files are stored. See [https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provide its name\\ |
__Folder__: Relative path of the document library of the sharepoint site.\\ |
At line 165 added 2 lines |
[attachments|sharepoint2_vfs.png]\\ |
\\ |