Creating a SharePoint App registration that never expires

The Case

I am building an Azure Function that will communicate with SharePoint Online using CSOM. The function needs read and write access to lists in a specific SharePoint site collection. When you create a new SharePoint App Registration the standard way, using the form located under /_layouts/15/AppRegNew.aspx, the app registration will expire in one year, but I want to make sure that the app registration never expires. The solution is to create an Azure AD Application instead, and invoke this in SharePoint.

Configuration of a SharePoint App using Azure AD Application

To be able to register a SharePoint App that never expires you can follow the steps below. In a usual app registration in SharePoint, you first navigate to AppRegNew.aspx, but this can be replaced with an Azure AD App registration instead.

  • Log in to portal.azure.com with an administrator account
  • Navigate to Azure Active Directory
  • Choose “App registrations” from the left menu and click “New registration”
  • Fill in the form and register the application
  • When the app has been created, choose “Certificates & secrets” in the menu
  • Create a new client secret, give it a description and choose “Never” for the expiry
  • Copy the client secret that was created and store it in a safe place
Adding a client secret that never expires

After the client secret with the never expires flag has been created, do the following:

appinv

Choose to trust the app in the next step, and you are set to go. You can now use the Client ID and Client Secret to authenticate against the chosen SharePoint app from your Azure Function (or any other external component/service).
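
A secret that never expires also never forces a rotation, so it is worth keeping an inventory of them. The following is an added example, not code from the original post: it audits the `passwordCredentials` of app registrations as returned by Microsoft Graph `GET /applications` and flags expired or long-lived secrets. The sample data, the app and key ids, and the 366-day threshold are constructed assumptions.

```python
import json
from datetime import datetime, timedelta, timezone

# Assumed policy threshold (one year plus a leap day); not a value from the post.
MAX_LIFETIME = timedelta(days=366)

# Constructed sample shaped like a Graph "GET /applications" response (not real data).
SAMPLE = json.loads("""{"value": [
 {"appId": "app-1", "displayName": "sp-list-function", "passwordCredentials": [
   {"keyId": "key-1", "startDateTime": "2020-01-15T09:00:00Z",
    "endDateTime": "2299-12-31T00:00:00Z"}]},
 {"appId": "app-2", "displayName": "rotated-yearly", "passwordCredentials": [
   {"keyId": "key-2", "startDateTime": "2020-06-01T00:00:00Z",
    "endDateTime": "2021-06-01T00:00:00Z"}]},
 {"appId": "app-3", "displayName": "forgotten", "passwordCredentials": [
   {"keyId": "key-3", "startDateTime": "2019-01-01T00:00:00.1234567Z",
    "endDateTime": "2020-01-01T00:00:00Z"}]}
]}""")

def parse_ts(value):
    """Parse a UTC ISO 8601 timestamp, trimming fractions to microseconds."""
    text = value.rstrip("Z")
    if "." in text:
        head, frac = text.split(".", 1)
        text = f"{head}.{frac[:6].ljust(6, '0')}"
    return datetime.fromisoformat(text).replace(tzinfo=timezone.utc)

def audit_secrets(apps, now, max_lifetime=MAX_LIFETIME):
    """Return (appId, keyId, reason) for each secret that needs attention."""
    findings = []
    for app in apps:
        for cred in app.get("passwordCredentials") or []:
            end_raw = cred.get("endDateTime")
            if not end_raw:
                findings.append((app["appId"], cred["keyId"], "no-expiry"))
                continue
            end = parse_ts(end_raw)
            start = parse_ts(cred["startDateTime"]) if cred.get("startDateTime") else now
            if end <= now:
                findings.append((app["appId"], cred["keyId"], "expired"))
            elif end - start > max_lifetime:
                findings.append((app["appId"], cred["keyId"], "long-lived"))
    return findings

if __name__ == "__main__":
    now = datetime(2021, 1, 1, tzinfo=timezone.utc)
    for finding in audit_secrets(SAMPLE["value"], now):
        print(*finding)
```

Only the key id and dates are inspected; the secret value itself is never needed for this check.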
