Requirement: Register a never-expiring App for SharePoint Online using Azure AD.
Any App ID (or Client ID) registered through SharePoint Online has an expiry date of 1 year by default. How do I register an App ID that never expires? You have to register the App through Azure AD! Here are the steps:
Step 1: Register an App from Azure AD
To register a client app and client secret in Azure AD, follow these steps:
- Log in to Azure Portal https://aad.portal.azure.com as an administrator
- Navigate to Azure Active Directory >> Click on “App registrations” from the left navigation menu.
- Register a new app by clicking on the “New registration” link.
- Provide a name for your app, choose the account types, and click on “Register”.
- Once the app is created, open the app >> Click on the “Certificates & secrets” link in the left navigation menu.
- Create the client secret by clicking on “New client secret” >> Provide a description, set the Expires option to “Never”, and click on “Add”.
- Copy the client secret generated and store it in a safe place.
Step 2: Grant Necessary Permissions to the App ID
Once we have the App ID registered, the next step is to grant permissions to the App ID.
- Navigate to the URL https://crescent-admin.sharepoint.com/_layouts/15/appinv.aspx as a SharePoint Online Administrator. Because I’m granting tenant-level permissions here, I have to use the tenant admin URL!
- Enter the ID of the App you created in Step 1 and click on “Lookup”.
- Fill in other details on the page. I’ve entered the below Permission Request XML.
- Click on “Create” and then “Trust It” on the next page presented to complete the wizard.
Permission XML:
<AppPermissionRequests AllowAppOnlyPolicy="true">
  <AppPermissionRequest Scope="https://sharepoint/content/tenant" Right="FullControl" />
</AppPermissionRequests>
Now, your Client ID and Client Secret are ready to use to authenticate with SharePoint Online!
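A review check for the two things this registration creates, a client secret and a permission request, written as an added example that is not code from the original article. It parses the Permission Request XML from Step 2 and reports write-capable rights granted at tenant scope, then flags secrets whose validity period exceeds a threshold. Assumptions: the secret records are constructed samples shaped like Microsoft Graph `passwordCredentials` entries, the 365-day threshold is an arbitrary policy value, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta

# The permission request used in Step 2 of this page.
PERMISSION_XML = """<AppPermissionRequests AllowAppOnlyPolicy="true">
  <AppPermissionRequest Scope="https://sharepoint/content/tenant" Right="FullControl" />
</AppPermissionRequests>"""

# Constructed sample records, shaped like Graph passwordCredentials entries.
SAMPLE_SECRETS = [
    {"displayName": "spo-automation", "startDateTime": "2024-01-10T00:00:00Z",
     "endDateTime": "2299-12-31T00:00:00Z"},
    {"displayName": "rotated-quarterly", "startDateTime": "2024-01-10T00:00:00Z",
     "endDateTime": "2024-04-09T00:00:00Z"},
]
MAX_LIFETIME = timedelta(days=365)  # assumed policy threshold, adjust to yours

def review_permissions(xml_text):
    """Return one finding per write-capable right requested at tenant scope."""
    root = ET.fromstring(xml_text)
    app_only = root.get("AllowAppOnlyPolicy", "false").lower() == "true"
    findings = []
    for req in root.iter("AppPermissionRequest"):
        scope, right = req.get("Scope", ""), req.get("Right", "")
        tenant_wide = scope.rstrip("/").endswith("/content/tenant")
        if tenant_wide and right in ("FullControl", "Manage", "Write"):
            kind = "app-only " if app_only else ""
            findings.append(f"{kind}{right} at tenant scope ({scope})")
    return findings

def _parse(ts):
    # ISO 8601 UTC timestamp; fractional seconds are dropped if present.
    return datetime.strptime(ts.split(".")[0].rstrip("Z"), "%Y-%m-%dT%H:%M:%S")

def long_lived_secrets(credentials, max_lifetime=MAX_LIFETIME):
    """Return (displayName, lifetime_days) for secrets valid longer than max_lifetime."""
    flagged = []
    for cred in credentials:
        lifetime = _parse(cred["endDateTime"]) - _parse(cred["startDateTime"])
        if lifetime > max_lifetime:
            flagged.append((cred["displayName"], lifetime.days))
    return flagged

if __name__ == "__main__":
    print(review_permissions(PERMISSION_XML))
    print(long_lived_secrets(SAMPLE_SECRETS))
```

Feed `long_lived_secrets` the `passwordCredentials` list from your own app registration export to inventory secrets that will not rotate on their own.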