SharePoint Online: How to Register a Never Expiring App ID Secret with Azure AD?

Requirement: Register a never expiring App ID secret using Azure AD.

Any App ID (or Client ID) registered through SharePoint Online has an expiry date of 1 year by default. How do I register an App ID that's never expiring? Well, You have to register the App through Azure AD! Here are the steps:

Step 1: Register an App from Azure AD
To register a client app and client secret in Azure AD, follow these steps:
  • Log in to Azure Portal as an administrator
  • Navigate to Azure Active Directory >> Click on "App registrations" from the left navigation menu.
    add new app registration in azure ad
  • Register a new app by clicking on "New registration" link.
  • Provide a name to your app, choose the account types and click on "Register"
    register app in azure ad
  • Once the app is created,  Open the app >> Click on "Certificates & secretes" link in the left navigation menu
  • Create the client secret by clicking on "New client secret" >>  Provide a description and choose the Expires option to "Never" and click on "Add".
    never expiring app client secret
  • Copy the client secret generated and store it in a safe place.

Step 2: Grant Necessary Permissions to the App ID
Once we have the App ID registered, the next step is to grant permissions to the App ID.
  • Navigate to the URL as a SharePoint Online Administrator to grant tenant level permissions. Here I'm granting tenant level permissions. So, I've to use the tenant admin URL!
  • Enter the ID of the App you created in Step 1 and click on "Lookup".
  • Fill in other details in the page. I've entered this in Permission Request XML.
      <AppPermissionRequests AllowAppOnlyPolicy="true">
              <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
  • Click on "Create" and then "Trust It" on the next page presented to complete the wizard.
    grant permissions to app id in sharepoint online
Now, your Client ID and Client Secret is ready to use to authenticate with SharePoint Online!

No comments:

Please Login and comment to get your questions answered!

Powered by Blogger.