SharePoint Online: How to Register a Never Expiring App ID Secret with Azure AD?
Requirement: Register a never expiring App ID secret using Azure AD.
Any App ID (or Client ID) registered through SharePoint Online has an expiry date of 1 year by default. How do I register an App ID that never expires? Well, you have to register the app through Azure AD! Here are the steps:
Step 1: Register an App from Azure AD
To register a client app and client secret in Azure AD, follow these steps:
- Log in to Azure Portal https://aad.portal.azure.com as an administrator
- Navigate to Azure Active Directory >> Click on "App registrations" from the left navigation menu.
- Register a new app by clicking on the "New registration" link.
- Provide a name for your app, choose the account types and click on "Register".
- Once the app is created, open the app >> Click on the "Certificates & secrets" link in the left navigation menu.
- Create the client secret by clicking on "New client secret" >> Provide a description, set the Expires option to "Never" and click on "Add".
- Copy the client secret generated and store it in a safe place.
Step 2: Grant Necessary Permissions to the App ID
Once we have the App ID registered, the next step is to grant permissions to the App ID.
- Navigate to the URL https://crescent-admin.sharepoint.com/_layouts/15/appinv.aspx as a SharePoint Online Administrator. Here I'm granting tenant-level permissions, so I have to use the tenant admin URL!
- Enter the ID of the App you created in Step 1 and click on "Lookup".
- Fill in the other details on the page. I've entered this as the Permission Request XML:
    <AppPermissionRequests AllowAppOnlyPolicy="true">
      <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
    </AppPermissionRequests>
- Click on "Create" and then "Trust It" on the next page presented to complete the wizard.
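A secret created as in Step 1 stays valid until someone removes it, so it helps to keep an inventory of such credentials. The following is an added example, not code from the original post: it reads app registrations in the shape Microsoft Graph returns them and lists client secrets that remain valid beyond a rotation window. The sample data, the key IDs and the 365-day threshold are constructed assumptions.

```python
import json
from datetime import datetime, timezone

# Constructed sample shaped like Microsoft Graph GET /applications output
# (displayName, appId, passwordCredentials). Every value here is made up.
SAMPLE_APPS = json.loads("""[
 {"displayName": "SPO-Provisioning", "appId": "00000000-0000-0000-0000-000000000001",
  "passwordCredentials": [
   {"keyId": "k-never", "endDateTime": "2299-12-31T00:00:00Z"}]},
 {"displayName": "Intranet-Sync", "appId": "00000000-0000-0000-0000-000000000002",
  "passwordCredentials": [
   {"keyId": "k-1yr", "endDateTime": "2024-09-01T00:00:00Z"}]},
 {"displayName": "Migration-Tool", "appId": "00000000-0000-0000-0000-000000000003",
  "passwordCredentials": [
   {"keyId": "k-2yr", "endDateTime": "2025-11-20T08:30:00.1234567Z"},
   {"keyId": "k-expired", "endDateTime": "2023-06-01T00:00:00Z"}]}
]""")

def parse_graph_time(value):
    """Parse a Graph timestamp, tolerating 'Z' and 7-digit fractional seconds."""
    value = value.rstrip("Z")
    if "." in value:
        head, frac = value.split(".", 1)
        value = f"{head}.{frac[:6].ljust(6, '0')}"
    return datetime.fromisoformat(value).replace(tzinfo=timezone.utc)

def audit_secrets(apps, now, max_days=365):
    """List client secrets that stay valid longer than max_days from `now`.

    max_days is an assumed rotation policy. A secret with no endDateTime
    is reported with days_left=None.
    """
    findings = []
    for app in apps:
        for cred in app.get("passwordCredentials") or []:
            end = cred.get("endDateTime")
            days_left = (parse_graph_time(end) - now).days if end else None
            if days_left is not None and days_left <= max_days:
                continue  # already expired, or due for rotation within policy
            findings.append({"app": app.get("displayName"), "appId": app.get("appId"),
                             "keyId": cred.get("keyId"), "days_left": days_left})
    return findings

if __name__ == "__main__":
    for finding in audit_secrets(SAMPLE_APPS, now=datetime.now(timezone.utc)):
        print(finding)
```

To run it against a real tenant, replace SAMPLE_APPS with the JSON list of applications exported from Microsoft Graph.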