This section describes how to authenticate into the SharePoint REST API using Azure AD Applications by delegating permissions from a service account.
Permission Delegation
Authentication Flow
This approach uses Oauth2 auth code flow, which requires the user or service account being logged into Microsoft Azure system.
First, the user starts the initial authentication request with Aspire, which redirects the user to the Microsoft login page to consent to the permissions being requested.
If consented, Microsoft returns a redirection to the Aspire Admin UI with the authorization code as a parameter.
Aspire then uses this code to request a Refresh Token from Microsoft and stores it securely for it to be used in future crawls.
Aspire redirects the user back to the Aspire Admin UI.
https://[aspire-manager-host]:[port]/aspire/_api/sharepoint/authenticate
"autoStart": { "application": [ { "@config": "com.accenture.aspire:app-sharepointonline-delegated-permissions" }
bin/aspire.sh -us path/to/settings.json
Save the credential, and go to the Connections section, create a new Connection if there isn't one yet.