Connect Provider Hosted Apps to SharePoint Online
Auth0 can help radically simplify the authentication process for SharePoint Apps. Auth0 will negotiate an Access Token you can then use to call SharePoint APIs.
You won't need any special libraries. You can use any of the SDKs supported by Auth0.
1. Register your application in Auth0
Just register a new application in Auth0 as you normally would: Applications > NEW. Pick any of the available SDKs for detailed instructions. Keep the client_id handy, as you will need it in the next step.
2. Create a package for your application
You need to obtain a Client ID and a Client Secret for your application. There are many ways of registering your application depending on the expected usage.
Register SharePoint Add-ins (Microsoft Docs) explains all the different ways of registering your application in SharePoint. This step in the tutorial uses the simplest form: self-registration in a specific tenant (yours).
Open SharePoint Online
The URL for the dashboard is https://{your Office365 tenant}.sharepoint.com/_layouts/15/appregnew.aspx
Generate a Client_Id and ClientSecret:
Complete the information in the form:
Since Auth0 is in between your app and the Office 365 infrastructure, you need to use this URL for the app:
App Domain: {yourDomain}
Redirect URI:
connection is just the name you will use in Auth0's connections (such as "sharepoint").
client_id identifies your app in Auth0 (created in step 1).
redirect_uri is the location in your actual app where your users will eventually land after all negotiations complete. If you don't specify it, it will always be the app's callback URL defined in Auth0 (it could be localhost).
Package the app and upload to SharePoint:
Complete the information in your app manifest in Visual Studio:
Notice the Query string will be exactly like the Redirect URI you completed before. Then right-click on the project and select Publish:
Create a Publishing Profile (you will have to enter the same Client Id & Client Secret obtained in the SharePoint dashboard).
Click on Package and upload the resulting file to SharePoint.
3. Create the Connection in Auth0
The last step in the integration is to add a SharePoint connection in Auth0.
You will need:
Connection Name. This is an arbitrary name. It has to match what you entered in step 2.
Client Id & Client Secret. These also need to match what you entered in step 2.
Test SharePoint Site Url. This is the SP site URL used to test the connection (such as when pressing the 'Try' button on the dashboard). This is never used at runtime because users will always follow the link to your site from within SharePoint.
Users will install your app from the Office Marketplace. When they click on the link, they will be directed to Auth0, which will negotiate the Access Token for you, and finally to your app. Your app will receive a User Profile that will look like this:
The following properties will be included: cacheKey, refresh_token, host, and site. These will allow you to call back SharePoint APIs (such as lists).
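An added example, not part of the original page or of Auth0's code: before calling SharePoint with values taken from the profile, check that site really points at a SharePoint Online host over HTTPS, and keep refresh_token out of logs. It assumes site is the site URL, host is its hostname, and the Access Token is passed in separately; the function names are hypothetical.

```javascript
// Hypothetical helpers (not from an Auth0 or Microsoft SDK).
const SENSITIVE = ['refresh_token', 'cacheKey']; // cacheKey redacted as a precaution

// Return a copy of the profile that is safe to write to logs.
function redactProfile(profile) {
  const copy = { ...profile };
  for (const key of SENSITIVE) {
    if (key in copy) copy[key] = '[redacted]';
  }
  return copy;
}

// Build (but do not send) a request for the site's lists.
// Assumption: `site` is the site URL (scheme optional), `host` its hostname.
function buildListsRequest(profile, accessToken) {
  const raw = /^[a-z][a-z0-9+.-]*:\/\//i.test(profile.site)
    ? profile.site
    : `https://${profile.site}`;
  const url = new URL(raw); // throws on malformed input
  if (url.protocol !== 'https:') throw new Error('site must use https');
  if (url.username || url.password) throw new Error('credentials in site URL');
  const hostname = url.hostname.toLowerCase();
  // Only send the token to SharePoint Online, and only to the host the profile names.
  if (!hostname.endsWith('.sharepoint.com')) throw new Error('not a SharePoint Online host');
  if (hostname !== String(profile.host).toLowerCase()) throw new Error('host/site mismatch');
  // Query string and fragment are dropped on purpose.
  const base = url.origin + url.pathname.replace(/\/+$/, '');
  return {
    method: 'GET',
    url: `${base}/_api/web/lists`,
    headers: {
      Authorization: `Bearer ${accessToken}`,
      Accept: 'application/json;odata=verbose',
    },
  };
}

// Constructed sample profile; every value is made up for illustration.
const sampleProfile = {
  cacheKey: 'constructed-cache-key',
  refresh_token: 'constructed-refresh-token',
  host: 'contoso.sharepoint.com',
  site: 'https://contoso.sharepoint.com/sites/dev/',
};
```

The returned object can be handed to whichever HTTP client the app already uses.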