The following instructions are not mandatory. UpSlide has its own Tenant to connect with SharePoint, so you don’t need to create one. However, if you don’t want UpSlide to use its Tenant, here is the procedure to create your own Single Tenant Azure AD application.
Summary
- Create the Azure AD Application
- Customize this application
- Add needed permissions
- Grant consent
- Send the details of your app to UpSlide
Create the Azure AD Application
- Connect to Azure Portal using Tenant Administrator rights and go to Azure Active Directory.
- Go to App Registration and click New Registration.
- Set a name for your Azure AD Application, and make sure that the Supported account type is set to Accounts in this organizational directory only
Once the Azure AD Application has been created, you will need to:
- Customize the application to be recognized as a Client (Desktop) application
- Set scopes and grant consent for all the users
Customize the Azure AD Application
- On the Azure AD App page, save the Application (client) ID and Directory (tenant) ID (you will need to provide both to us)
- click Authentication
- click Add a platform
- Select Mobile and desktop applications
- Set a custom redirect URI, for example, http://localhost/upslide
- This URL will never be used, so it does not need to target a real working URL, but it is needed to set the AAD App to Client mode. We will need this information to set up the link on our side.
- Set the default Client type to public client (this allows UpSlide not to have a server running locally to handle the authentication).
Add needed permissions
-
Go to your Azure AD Application and go to API Permissions, then click Add a permission
-
Select SharePoint, choose Delegated Permissions as type of permissions required, and check the permissions below:
- AllSites.Write
- AllSites.Manage
- Click Add permissions to validate the selection.
- Go back to Add a Permission -> APIs my Organization uses and search for Microsoft Graph.
-
Then apply the delegated permissions below:
- File.Read.All
- Sites.Read.All
- User.Read
- offline_access
- openid
- profile
Note
Those permissions are delegated permissions and does not overtake the current users permissions.
Grant consent for the whole tenant
In the API permission page, click Grant admin consent for [xxx]
This will redirect you to a consent page (you may be prompted to log in). You will find the list of permissions previously added, and you will be able to grant the consent for your organization.
Send the details of your app to UpSlide
Once the app registration is complete, please send us:
- the application client ID
- your subscription (tenant) ID
- the configured reply URL
We will adapt our settings for the SharePoint authentication to work with your application.