Authentication using Entra ID
Authentication in SharePoint Online can be configured using a self-signed certificate and an application in Microsoft Entra ID.
Self-Signed Certificate
First, a self-signed certificate for sign-in with Microsoft Entra ID has to be configured. This can be accomplished using PowerShell. The process is documented by Microsoft here:
https://learn.microsoft.com/en-us/entra/identity-platform/howto-create-self-signed-certificate
Entra ID Application
The second step is to register an application in the Microsoft Entra ID portal. More information about Entra ID apps can be found in the relevant Microsoft documentation:
https://learn.microsoft.com/en-us/entra/identity-platform/app-objects-and-service-principals
The application requires the following permission claim to function:
SharePoint - Sites.ReadWrite.All
The public key of the certificate (the .cer file) has to be uploaded to the application for authentication. No client secret is needed.
Therefore™ Solution Designer
In the Therefore™ Solution Designer, a new SharePoint connection has to be added. Adding a new SharePoint connection opens the SharePoint Connection properties dialog.
In this dialog, select 'Certificate based' as the authentication method.
Go to the setting Certificate Thumbprint and use the browse button to select the self-signed certificate (.pfx file). The certificate password is needed to add the certificate.
The connection can be tested using the 'Test Connection' button.
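The following PowerShell sketch is an added example, not part of the original Therefore documentation. It produces the two files the steps above rely on: the .cer (public key only) for upload to the Entra ID application, and the password-protected .pfx for the Solution Designer. The subject name, output folder, file names and one-year lifetime are assumptions; the cmdlets are the ones used in the Microsoft article linked above.

```powershell
# Added example. Subject, folder, file names and lifetime are assumed values.
$subject = 'CN=ThereforeSharePointConnector'        # placeholder name
$outDir  = Join-Path $env:USERPROFILE 'sp-cert'      # placeholder folder
New-Item -ItemType Directory -Path $outDir -Force | Out-Null

# Create the key pair in the current user's store. The private key must be
# exportable so the .pfx can be written; -NotAfter bounds the credential's lifetime.
$cert = New-SelfSignedCertificate `
    -Subject $subject `
    -CertStoreLocation 'Cert:\CurrentUser\My' `
    -KeyExportPolicy Exportable `
    -KeySpec Signature `
    -KeyAlgorithm RSA -KeyLength 2048 `
    -HashAlgorithm SHA256 `
    -NotAfter (Get-Date).AddYears(1)

# Public key only: this is the file uploaded to the Entra ID application.
$cerPath = Join-Path $outDir 'sharepoint-connector.cer'
Export-Certificate -Cert $cert -FilePath $cerPath | Out-Null

# Certificate plus private key: this is the file selected in the Solution Designer.
# The password is prompted for so that it never appears in the script or history.
$pfxPassword = Read-Host -Prompt 'Password for the .pfx' -AsSecureString
$pfxPath = Join-Path $outDir 'sharepoint-connector.pfx'
Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $pfxPassword | Out-Null

# Sanity checks before anything is uploaded: the .cer must not carry a private
# key, and it must be the same certificate as the one in the store.
$cerOnDisk = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($cerPath)
if ($cerOnDisk.HasPrivateKey) {
    throw 'The .cer file contains a private key; do not upload it.'
}
if ($cerOnDisk.Thumbprint -ne $cert.Thumbprint) {
    throw 'Thumbprint mismatch between the store certificate and the .cer file.'
}

# Summary to record alongside the app registration.
[pscustomobject]@{
    Thumbprint = $cert.Thumbprint
    NotAfter   = $cert.NotAfter
    CerFile    = $cerPath
    PfxFile    = $pfxPath
} | Format-List
```

The thumbprint printed at the end can be compared with the one Entra ID lists for the uploaded certificate. The .pfx and its password together are the application's credential, so they should be stored and access-controlled like any other secret.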