How to get SharePoint List access - UiPath

How to get SharePoint List access using Microsoft Office 365 Scope

Prerequisite: Need to have SharePoint access and azure account.

  • Uses the Microsoft identity platform to establish an authenticated connection between UiPath and your Microsoft Office 365 application. This authenticated connection enables a robot to call the Microsoft Graph API to read and write resources on your behalf.

To establish your authenticated connection, you first register your Microsoft Office 365 application in your Azure Active Directory (using your personal, work, and/or school Microsoft Office 365 account). When registering your application, you assign the Microsoft Graph API permissions that specify the resources a robot can access on your behalf.

  1. To establish your authenticated connection, you first register your Microsoft Office 365 application in your Azure Active Directory (using your personal, work, and/or school Microsoft Office 365 account). When registering your application, you assign the Microsoft Graph API permissions that specify the resources a robot can access on your behalf.

Setup: To enable the Microsoft Office 365 activities, your app must be integrated with the Microsoft identity platform and have the correct Microsoft Graph API permissions assigned to it. To integrate your application, assign permissions, and start building your automation project, complete the following steps:

o Register your application

o Add API permissions

o Build your project

Register your application.

  • Click + New registration in the top navigation bar.
  • Enter a Name for your application (e.g., β€œOffice365App”).
  • Under Supported account types, select the option that applies to you.
  • Under Redirect URI (optional), enter a URI address (if applicable) and click register (if the organization supports multi-tenant authentication and can only use the Interactive Token authentication type which requires a redirect URI)

Add API permissions.

  • From your registered application page (Azure portal > Azure Active Directory > App registrations > Office365App), click API permissions in the left-hand navigation panel.
  • After the API permission page opens, click + Add a permission (this opens the Request API permissions window).
  • Under Select an API, click Microsoft APIs (may be open by default) and under Commonly used Microsoft APIs, click Microsoft Graph.
  • In that provide Application permissions not the delegated permissions. Below are the required permissions for accessing SharePoint list.

Note: Application permissions must be set when the value of AuthenticationType in the Microsoft Office 365 Scope activity is set to ApplicationIdAndSecret or ApplicationIdAndCertificate. The other authentication types available in Microsoft Office 365 Scope activity require Delegated permission. Next select the permissions as per the requirement.

  • Click Add permissions and Verify your API permissions include your added Calendars, Files, and Mail permissions (if required).

Build Your Project

  1. Create a new automation project.
  2. Install the UiPath.MicrosoftOffice365.Activities package.

After registering your Microsoft Office 365 application**, Azure Active Directory assigns a unique application (client) ID that you enter in the Microsoft Office 365 Scope** activity. The ApplicationID is used to collect the necessary information about your registered app to initiate authentication.
Microsoft Office 365 Scope authentication types are:

  • ApplicationID and Certificate (unattended automation): In order to authenticate using a certificate as a secret, please follow these steps:

    o In the Azure portal
    
    o Locate your registered Microsoft Office 365 application.
    
    o Select Certificates & secrets and upload your certificate (public key) file. It can have one of the following file types: .cer, .pem, .crt.
    
    o Convert the raw contents of your .pfx file representing the certificate to a base64 string. To do this, use a web-based tool like [Base64.Guru](https://base64.guru/converter/encode/file) or assign Convert.ToBase64String (System.IO.File.ReadAllBytes(pfxFilePath)) to a String variable.
    
  • ApplicationID and Secret (unattended automation): authentication with Application (client) ID and Application (client) Secret.

Note: Select Client credential and create new secret and copy the secret value not the secret ID. Secret value should be copied immediately after the secret is created.

  • Interactive Token (attended automation): This authentication type can be used for attended automation and when multi-factor authentication (MFA) is required. This is the default option.
  • IntegratedWindowsAuthentication (unattended automation): This option can apply to Windows hosted applications running on computers joined to a Windows domain or Azure Active Directory.
  • UsernameAndPassword (unattended automation): the Username and Password properties are required, and the Tenant property is optional for single-tenant applications (required for multi-tenant applications).
3 Likes