SHAREPOINT ONLINE REST API AUTHENTICATION IN POSTMAN

Emmanuel Adegor
4 min readOct 29, 2020

--

Knock Knock!

My assumption before telling you how to get this done, is that you know how to use SHAREPOINT ONLINE and POSTMAN.

If You don’t, You’re still safe!! (^_*). Just click here and here to learn about postman and SharePoint respectively, then you can continue from the next paragraph (Oops! You’ll also have to download postman, I’m using a Windows 10 OS though)

To consume SharePoint REST API in Postman, You would need a Client ID, Client Secret, Tenant ID and Access Token.

How can we generate these credentials? Simple!!

SHAREPOINT CONFIGURATION

  1. Register a new App
  • Access https://Tenantname.sharepoint.com/_layouts/15/appregnew.aspx on your web browser (take note of appregnew.aspx)
  • Click ‘Generate’ in front of Client id box (this would generate your client id)
  • Click ‘Generate’ in front of Client Secret box (this would generate your client secret)
  • Title: Input any title “e.g My CRUD APP“
  • App Domain: Type localhost (Please don’t ask why)
  • Redirect URI: Type https://localhost (Please don’t ask why)
  • Click Create
  • Copy These details to a safe place (say notepad), You’ll need them in Postman

2. Apply Permission to this app (So Post can initiate API calls)

<AppPermissionRequests AllowAppOnlyPolicy=”true”>
<AppPermissionRequest Scope=”http://sharepoint/content/sitecollection/web" Right=”FullControl” />
</AppPermissionRequests>

  • Click ‘Create’
  • Click ‘Trust It’

That’s It!

You just successfully registered your APP (in other view: You just successfully generated your API credentials).

POSTMAN CONFIGURATION

  1. Open Postman and create a GET request with a similar URI

https://Tenantname.sharepoint.com/_vti_bin/client.svc or https://Tenantname.sharepoint.com/_api

  • _api is the short form of _vti_bin/client.svc/
  • Send this GET request with the
  • Click on Header Tab
  • Add the Key: Authorization and the value: Bearer
  • Click Send
  • Oops!! You’ll get an error (Let’s fix it)
  • Go to response’s Headers tab
  • Click WWW-Authenticate key’s value
  • Copy and save these parameters:
  • Bearer realm=”61813a2f-3b0f-48f8-bc1c-72b590ed3c5f” (this is your Tenant ID)and
  • Client_id=”00000003–0000–0ff1-ce00–000000000000" (This is your Resource value)
  • Click on a new tab in postman
  • Create a POST request by:
  • selecting ‘Post’
  • Paste this URI: https://accounts.accesscontrol.windows.net/”Bearer realm value without double quotes here”/tokens/OAuth/2
  • that is https://accounts.accesscontrol.windows.net/61813a2f-3b0f-48f8-bc1c-72b590ed3c5f/tokens/OAuth/2
  • Click Headers tab
  • Add these[Key]: [Value]- Content-Type: application/x-www-form-urlencoded
  • Click Body tab
  • Select “x-www-form-urlencoded”.
  • Click “Bulk Edit” then paste the code below:
  • Click ‘Send’
  • Copy out the Access Token (access_token)
  • Open a new Postman’s tab and create a new GET request by
  • pasting URI: https://TenantName.sharepoint.com/_api/web
  • adding headers on Headers tab:
  • Authorization and Accept (check screenshot below):
  • So That’s It!

You can now make Rest APi calls from Postman!

Enjoyyyyyyyyyyyyyyyyyy!!!! (Kindly drop comments below if you encounter any issue)

--

--

Emmanuel Adegor
Emmanuel Adegor

Written by Emmanuel Adegor

Principal Software Engineer/Architect ( M365 SharePoint | Teams | SPFX ) | Collaboration Platforms | Workflow Automation Expert