Configuring Authentication Settings

The JWT Certificate Credentials method supports authentication based on a JWT assertion prepared from a certificate and private key.

1. Select JWT Certificate Credentials from the Grant Type drop-down list.

2. Enter the Client ID of the source created on the SharePoint Online managed system. For more information, refer to Registering an Application Using the SharePoint Online Portal (Deprecated).

3. Enter the valid Certificate details of the source created on the SharePoint Online managed system.

4. Enter the valid Private Key text that is used to sign the JWT assertion and the corresponding Private Key Password. For more information, refer to Creating OAuth2.0 JWT Certificate Credentials (Recommended).

5. Enter the SharePoint Online Domain Name. For example, contoso.sharepoint.com.

6. In Authentication Endpoint URL, enter the URL that corresponds to the Microsoft Azure Active Directory authentication endpoint deployed on a national cloud.

   For example, for the US government, enter https://login.microsoftonline.us, or for China enter https://login.partner.microsoftonline.cn.

7. Select Save.

Use the Client Credentials with the ID and Secret parameters.

1. Select Client Credentials from the Grant Type drop-down list.

2. Enter the Client ID and Client Secret of the source created on the SharePoint Online managed system. For more information, refer to Registering an Application Using the SharePoint Online Portal (Deprecated).

3. Enter the SharePoint Online Domain Name. For example, contoso.sharepoint.com.

4. (Optional) In Authentication Endpoint URL, enter the URL that corresponds to the Microsoft Azure Active Directory authentication endpoint deployed on a national cloud.

   For example, for the US government, enter https://login.microsoftonline.us, or for China enter https://login.accesscontrol.chinacloudapi.cn.

5. Select Save.

The Auth Code / Refresh Token grant type is a client credentials-based authentication protocol. In addition to client credentials, it uses a Refresh Token to authenticate.

1. Select Refresh Token / Auth Code from the Grant Type drop-down list.

2. Enter the Client ID and Client Secret of the source created on the SharePoint Online managed system. For more information, refer to Registering an Application Using the SharePoint Online Portal (Deprecated).

3. Enter the valid Refresh Token obtained after registering the app with the Azure Active Directory Portal. For more information, refer to Generating a Refresh Token (Deprecated).

4. Enter the SharePoint Online Domain Name. For example, contoso.sharepoint.com.

5. In Authentication Endpoint URL, enter the URL that corresponds to the Microsoft Azure Active Directory authentication endpoint deployed on a national cloud.

   For example, for the US government, enter https://login.microsoftonline.us, or for China enter https://login.partner.microsoftonline.cn.

6. Select Save.

The SAML Bearer Assertion method is password-based user authentication with ADFS environment. SAML assertion issued by ADFS after authentication is used to get the access token from the Azure Active Directory.

1. Select SAML Bearer Assertion from the Grant Type drop-down list.

2. Enter the Client ID and Client Secret of the source created on the SharePoint Online managed system. For more information, refer to Registering an Application Using the SharePoint Online Portal (Deprecated).

3. Enter the SAML Username and corresponding Password for SAML authorization.

4. Enter the server URL for the Authorization Endpoint.

5. Enter the Request Body details for the SAML Bearer assertion.

6. Enter the SharePoint Online Domain Name. For example, contoso.sharepoint.com.

7. In Authentication Endpoint URL, enter the URL that corresponds to the Microsoft Azure Active Directory authentication endpoint deployed on a national cloud.

   For example, for the US government, enter https://login.microsoftonline.us, or for China enter https://login.partner.microsoftonline.cn.

8. Select Save.