App ID & App Secret

To use the workflow engine with SharePoint Online in the O365 cloud it is possible to use a normal account for accessing SharePoint.

But it is also possible to use "App Credentials". In this section we describe how to use them.

This is important so that the credentials in the workflow configurations are not personal credentials.

  1. Log on to the SiteCollection that you want the Worklfow to access.

    https://<your>.sharepoint.com/sites/<collection>
    
  2. Navigate to the App registration form

    https://<your>.sharepoint.com/sites/<collection>/_layouts/AppRegNew.aspx
    
  3. Create a new AppID and AppSecret

  4. Now you have to assign permissions to the new key

    https://<your>.sharepoint.com/sites/<collection>/_layouts/AppInv.aspx
    

    • Use the ClientID as AppId

    • Insert the following XML to grant FullControl permissions to the key

    • Please make sure that the xml is correctly formatted, otherwise the authorizations will not be correctly assigned

      <AppPermissionRequests AllowAppOnlyPolicy="true">
          <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl"/>
          <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl"/>
      </AppPermissionRequests>
      
    • For more information about the xml https://dev.office.com/sharepoint/docs/sp-add-ins/add-in-permissions-in-sharepoint

  5. If everything has been entered correctly, the result will look like this

  6. Enter the AppID and AppSecret at _wfconfig.ps1

Delete AppCredentials

You can revoke and delete the AppCredentials at any time. All you have to do is remove them from the SiteCollection using the following link.

https://<your>.sharepoint.com/sites/<collection>/_layouts/15/appprincipals.aspx

Discussion