SharePoint OAuth 2.0 Authentication

Solution Sneak Peek

Tech Stack

Azure active directory refresh tokens

About the Client

The client assists their customers to facilitate data transformation efforts by helping them manage and protect their data, keep track of network-connected devices and control their Microsoft platforms and hybrid environments. They also help ensure compliance and governor each identity across the enterprise.

Sharepoint Rest API

Business Issue

The client was looking to add more security features to operate SharePoint Online and on an on-premise server. They needed the authorization process to be rigorous, but at the same time, it should be convenient and not slow down the day-to-day operations of the employees. In particular, they requested to implement the OAuth 2.0 protocol, allowing for more advanced sign-in options such as two-factor authentication, SSO, and many others.

Access Token Solution

Softwarium added support for the OAuth 2.0 access tokens when working with SharePoint Online. This opened the door for allowing the client to use the Microsoft Graph API. Using OAuth Authentication also allowed employees to get access via web browser connection which does all of the dirty work, such as generating the access token, refresh token, the authorization code and other information necessary to log in.

This included adding support for the Authentication App registration when the connection to the target is made via browser since this generates the OAuth access token. This means that even if an employee performs the browser authentication and the target login does not find the application, we do this automatically. All they have to do is click a checkbox confirming that it is their Client ID. This also applies to GCC HIgh tenants, which are used by government organizations and contain sensitive information.

Authorization server access control

Besides SharePoint OAuth Authentication, there were several additional benefits offered to the client in this release:

  • Support for Scripted Pac proxy was added when working with Office 365 Commercial, GCCH, On-Prem SharePoint (2010,2013,2016,2019).
  • Added support for bulk and fast migration between SharePoint Online locations.
  • Added functionalities to send emails with automatically generated migration status reports to inform users about migration results in a user-friendly view.
  • Added support for SharePoint Workflows and SharePoint Site Collections/Sites Features migration.
  • Add functionality to create user mapping reports between Office 365 tenants.

You may also like

Solution Sneak Peek

Tech Stack