Connecting to SharePoint Online

(Dan Wahry) #1


We’ve tried two methods to connect Squiz Matrix to our SharePoint Online environment. All the settings have worked when running through Postman so we know that the SharePoint setup is correct.

One was to use the OAUTH 2.0 Token Asset and then to pass that to a REST Resource Asset that connects to the SharePoint Online list and retrieves data. While this seemed like the perfect option, we were unable to get the access token. I think this is due to the need to use “grant-type: client_credentials” in the Request Body which I so far haven’t seen a way of entering into the OAUTH 2.0 Token Asset settings.

The second method was to use two REST Resource Assets - one to retrieve the token and then to pass that via a variable to a second REST Resource Asset which communicates with the SharePoint list. The first REST Resource Asset correctly retrieves the token but I am stumped as to how to pass the token to the second REST Resource Asset and even if I hard code the token in, it says it is a bad call so I am assuming it has something to do with the formatting of the Request Headers which I would have assumed would be “Key: Value” i.e. “Accept:application/json;odata=verbose” etc

Has anyone successfully managed to connect Squiz Matrix to SharePoint Online?

(TT) #2

I haven’t connected sharepoint online but I have done something similar when connecting with a different system.

We use 1 REST resource asset to request the token. We use the js section at the bottom to print out just the returned token value.

Then in the second rest resource, nest the first in via the request header e.g.:

Authorization:Bearer %globals_asset_contents_raw:12345% where 12345 is the id of the first REST resource asset.

This seems to work well for what we need it for.

Also in the request headers we have on separate lines:
Content-Type: application/x-www-form-urlencoded

but obviously they would be different depending on whats needed for sharepoint.

Have you tried copying how it’s being sent in postman and pasting that in exactly the same format?


(Byrne) #3

Setting the cache time on the first rest asset (token request) will also stop the token from being requested on every single API request.

(Ben Chapman) #4

I have been struggling with connecting to Sharepoint, but following the suggestion of retrieving the token with one REST resource and then passing that token to a second REST resource using the globals_asset_contents keyword, I can now access the Sharepoint API.

So, firstly, thank you.

But secondly, I’m a bit wary of the fact that īn this method, the token is exposed to the front end by print-ing it to the first REST resource.

Is there a way of generating the token and making it available to the second REST resource without making it publically accessible?

Or alternatively is there a way of hiding the token in the first REST resource so that only the second REST resource can read it?