Skip to main content

OAuth 2.0 for SharePoint

Configure Alteryx One Platform to integrate with your SharePoint Files and Lists deployment using OAuth 2.0 to authenticate.

For certificate-based authentication, go to Criar certificado para autenticação somente por aplicativo do SharePoint.

Prerequisites

  • OAuth 2.0 is supported for SharePoint Files and Lists Online, which is available on Microsoft Azure.

  • OAuth 2.0 authentication must be enabled in Alteryx One. For more information, see Enable OAuth 2.0 Authentication.

Create OAuth 2.0 Client App in Azure

In the Azure console, you must create the client app.

Steps:

  1. Login to Azure: https://portal.azure.com/#home

  2. Select Azure Active Directory > App Registrations > New registration.

  3. Specify the following fields:

    Field

    Description

    Name

    The name of the app.

    Supported Account Types

    Select either:

    • Single tenant

    • Multi tenant

    Redirect URI

    Specify the URL in the following format, depending your project or workspace login:

    https://<Login_URL>/oauth2/callback

    Example:

    https://us1.alteryxcloud.com/oauth2/callback

  4. To create the new registration, click Register.

  5. Overview tab:

    Nota

    Copy the value for the Application (client) Id. This value must be applied in Alteryx One.

  6. Certificates & Secrets tab: To create a new client secret:

    1. Select New client secret.

    2. Set the Expires option to Never.

    3. Select Add.

      Nota

      Copy the Value field. This value is the client secret and must be applied in Alteryx One.

  7. API Permissions tab:

    1. Select Add a permission.

    2. Specify the permissions to enable for the client app.

      • For an app with user's credentials, add these Delegated permissions:

        Sharepoint Files:

        Microsoft Graph

        1. email

        2. offline_access

        3. openid

        4. profile

        5. User.Read

        6. Files.Read.All - for SharePoint Input.

          OR

          Filed.ReadWrite.All - for SharePoint Output.

          Add both permissions for SharePoint Input and Output.

        7. Sites.Read.All

        SharePoint Lists:

        SharePoint

        1. AllSites.Manage

        2. AllSites.Read

        3. AllSites.Write

      • For an app with a service principal, add these Application permissions:

        SharePoint Files and Lists:

        Microsoft Graph

        1. Sites.Selected

          Visit the Alteryx Community for more details.

        AND/OR

        SharePoint

        1. Sites.Manage.All

        2. Sites.ReadWrite.All

        3. User.Read.All

  8. Save your changes.

Create OAuth 2.0 Client for SharePoint

After the SharePoint Lists client app is created, you must create an OAuth 2.0 client in Alteryx One, which is used to integrate with the OAuth 2.0 Client app that you created in Azure.

Steps:

  1. Login to Alteryx One as a workspace administrator.

  2. In the lefthand menu, select User menu > Admin console > OAuth 2.0 Clients.

  3. In the OAuth 2.0 Clients page, click Register OAuth 2.0.0 Client.

  4. Specify the fields for the new client:

    Field

    Description

    Type

    sharepoint files or sharepoint lists

    Name

    Enter a name for the client.

    Client ID

    Paste the value of the Application (client) Id that was generated when you created the client app in Azure.

    Client Secret

    Paste the value of the client secret that was generated when you created the client app in Azure.

    Authorization URL

    Single tenant:

    https://login.microsoftonline.com/<tenant_identifier>/oauth2/v2.0/authorize

    Multi-tenant:

    https://login.microsoftonline.com/common/oauth2/v2.0/authorize

    Token URL

    Single tenant:

    https://login.microsoftonline.com/<tenant_identifier>/oauth2/v2.0/token

    Multi-tenant:

    https://login.microsoftonline.com/common/oauth2/v2.0/token

    Scopes

    Set the scopes to the following values:

    SharePoint Files:

    • https://graph.microsoft.com/.default

    • offline_access

    SharePoint Lists:

    • https://<your_sharepoint_lists_domain>/AllSites.Manage

    • offline_access

    • openid

    Importante

    Individual scopes must be separated by a space.

    Access Token Expires In

    Set this value to the following: 3599999.

    Refresh Token Expires In

    Set this value to the following: 7775999999.

  5. To save your OAuth 2.0 client, click Save.

For more information, see Create OAuth2 Client.

Create SharePoint Connection

After you have created the two OAuth 2.0 client references, you can create a connection to your SharePoint data.

Nota

You must create a separate connection for each OAuth 2.0 client that is available in Alteryx One.

For more information, see Microsoft SharePoint Files Connections or Microsoft SharePoint Lists Connections.

Troubleshoot Access Issues

In the above steps, you created an OAuth app in the Azure portal. However, unless individual users or user groups are entitled to access and use this app, they might not be able to use it with connections created in Alteryx One. Use these steps to add users to the app:

  1. On the Azure Portal, go to Enterprise Application.

  2. Search for the OAuth application you created.

  3. Under the OAuth application, follow options a OR b:

    1. Select Users and groups from the left navigation panel, and then add the appropriate users and user groups.

    2. Select Properties from the left navigation panel and then set Assignment required? to No. This gives access to users without needing explicit assignment to the app.

Nesta secção: