MS Graph API calls
In order to get the Graph plugin working you need to use the MS Graph API. The API calls always require a token in the header of the request. In order to get this token you need a client_secret code from SharePoint. The client_secret has to be generated by someone who has administrator rights within the SharePoint environment. Underneath is a step by step procedure to get a client_secret as an administrator.
Step 1: Logging into Azure Active Directory.
- Log into Azure Active Directory with an administrator account.
- Click on View underneath Manage Azure Active Directory.
- You should see a Home > your organisations name - Overview with a list of manage options on the left side of the page.
step 2: Registering a new app.
- Click on App registrations in the left menu.
- Click on new registration.
- Enter a name for the application (something like Xillio-Graph-API for example).
- Under supported account types choose accounts in any organisational directory and personal Microsoft accounts.
- For our purposes you can skip the redirect URI.
- Click on register, you should be redirected to an overview page of your newly created application with some information we will be needing later.
step 3: Getting a client_secret
- In the left panel of the overview page of your application click on certificates and secrets.
- Click on new client secret.
- Under description write something like Xillio-client-secret.
- Under expires click on never.
- Click on add.
- A new client-secret should have been added to under client secrets.
- The next step is crucial because the client_secret is only shown once! If you don't save it somewhere you will have to create an new client secret all over again. Save the client_secret.
step 4: Granting permissions
- In the app overview page click on API permissions in the left panel.
- Click on Add a permission.
- Choose the Microsoft Graph API in the list of available API's.
- Choose Application permissions.
- Choose (at least for scraping all files and folders) the following permissions.
- Files.Read.All
- Sites.Read.All
- Application.Read.All
- Group.Read.All
- User.Read.All
- After you have given the permissions to the app make sure to also grant admin consent for your organisation and check whether the permissions have been granted.
step 5: Configuration for Xillio-Insights-Graph-plugin
- In order for Xillio to make API-calls we need three pieces of information to get a token from the MS-Graph-API.
- The client-secret which you saved in the previous step.
- The Application (client) ID from the App overview page in step 2.
- The Directory (tenant) ID from the App overview page in step 2.