Skip to content

Setting Up an Online SharePoint Site with App Registration for Webhook and Integration with InspectRAG

Table of Contents

  1. Introduction
  2. Prerequisites
  3. Setting Up an Online SharePoint Site
  4. Creating an App Registration in Azure Active Directory
  5. Register the App
  6. Extracting Client ID and Tenant ID
  7. Creating a Client Secret
  8. Configuring API Permissions
  9. Obtaining SharePoint Hostname and Site Path
  10. Setting Up Webhooks for File Download and Change Notifications
  11. Authenticating with Microsoft Graph API
  12. Registering a Webhook
  13. Downloading Files and Checking for File Changes
  14. Conclusion
  15. References

Introduction

This guide provides a comprehensive walkthrough for setting up an online SharePoint site and registering an application in Azure Active Directory (Azure AD). It also covers how to extract essential identifiers, configure API permissions, and set up webhooks to download files and monitor file changes using Microsoft Graph API.

Prerequisites

  • An Office 365 tenant with SharePoint Online.
  • Administrative access to Azure Active Directory.
  • Basic knowledge of SharePoint Online and Azure concepts.

Setting Up an Online SharePoint Site

  1. Sign in to Office 365:

  2. Go to Office 365 Portal.

  3. Log in with your administrator credentials.

  4. Access the SharePoint Admin Center:

  5. Click on the App Launcher (waffle icon) in the top-left corner.

  6. Select Admin.
  7. In the left-hand menu, expand Admin centers and click on SharePoint.

  8. Create a New Site:

  9. In the SharePoint admin center, click on Active sites.

  10. Click on Create and choose either Team site or Communication site.

  11. Configure Site Details:

  12. Site name: Enter a unique name for your site.

  13. Site address: This will be part of your site's URL.
  14. Primary administrator: Assign a site owner.
  15. Time zone: Select the appropriate time zone for your location.

  16. Finalize Site Creation:

  17. Click Finish to create the site.

  18. Wait for the site to be provisioned (this may take a few minutes).

Creating an App Registration in Azure Active Directory

Register the App

  1. Access Azure Portal:

  2. Navigate to the Azure Portal.

  3. Log in with your administrator credentials.

  4. Navigate to Azure Active Directory:

  5. In the left-hand menu, select Azure Active Directory.

  6. Go to App Registrations:

  7. Click on App registrations in the Azure AD menu.

  8. Click on New registration.

  9. Register Your Application:

  10. Name: Enter a meaningful name for your app (e.g., "SharePointWebhookApp").

  11. Supported account types: Select Accounts in this organizational directory only.
  12. Redirect URI: Leave blank for now unless you have a specific redirect URI.
  13. Click Register.

Extracting Client ID and Tenant ID

  1. Application (client) ID:

  2. After registration, you will be on the app's Overview page.

  3. Copy the Application (client) ID. This is your Client ID.

  4. Directory (tenant) ID:

  5. From the same Overview page, copy the Directory (tenant) ID. This is your Tenant ID.

Creating a Client Secret

  1. Navigate to Certificates & Secrets:

  2. In the left-hand menu of your app, click on Certificates & secrets.

  3. Create a New Client Secret:

  4. Click on New client secret.

  5. Description: Provide a description (e.g., "AppSecretKey").
  6. Expires: Choose the expiration period (e.g., 6 months, 12 months).
  7. Click Add.

  8. Copy the Client Secret:

  9. After creation, copy the Value of the client secret. This is your Secret Key.

  10. Important: This value is only displayed once. Store it securely.

Configuring API Permissions

  1. Navigate to API Permissions:

  2. In your app's left-hand menu, click on API permissions.

  3. Add Permissions:

  4. Click on Add a permission.

  5. Under Microsoft APIs, select Microsoft Graph.

  6. Select Permission Type:

  7. Choose Application permissions since webhooks generally run without user interaction.

  8. Add the Required Permissions:

  9. For Webhooks and File Access:

    • Sites.Read.All
    • Sites.Manage.All (required for managing webhooks)
    • Files.Read.All
  10. Select each permission by expanding the categories and checking the boxes.

  11. Grant Admin Consent:

  12. After adding the permissions, click on Grant admin consent for [Your Organization].

  13. Confirm by clicking Yes.

Obtaining SharePoint Hostname and Site Path

  1. SharePoint Hostname:

  2. Navigate to your SharePoint site.

  3. The URL will be in the format: https://[your-tenant-name].sharepoint.com.
  4. [your-tenant-name].sharepoint.com is your SharePoint Hostname.

  5. SharePoint Site Path:

  6. From your site's URL, extract the site path.

  7. Example URL: https://your-tenant-name.sharepoint.com/sites/YourSiteName.
  8. The site path is /sites/YourSiteName.

Setting Up Webhooks for File Download and Change Notifications

Authenticating with Microsoft Graph API

  1. Obtain an Access Token:

  2. Use the OAuth 2.0 client credentials flow.

  3. Token Endpoint:

    https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token
    
  4. Parameters:

    • grant_type: client_credentials
    • client_id: Your Client ID
    • client_secret: Your Secret Key
    • scope: https://graph.microsoft.com/.default
  5. Example Request using cURL:

curl -X POST \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d 'grant_type=client_credentials&client_id=YOUR_CLIENT_ID&client_secret=YOUR_SECRET_KEY&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default' \
  https://login.microsoftonline.com/YOUR_TENANT_ID/oauth2/v2.0/token
  1. Store the Access Token:

  2. The response will contain an access_token.

  3. Use this token in the Authorization header for subsequent API calls.

Registering a Webhook

  1. Get the Site ID:

  2. Endpoint:

    GET https://graph.microsoft.com/v1.0/sites/{hostname}:/sites/{site-path}
    
  3. Example:

    GET https://graph.microsoft.com/v1.0/sites/your-tenant-name.sharepoint.com:/sites/YourSiteName
    
  4. Include the Authorization header with your access token.

  5. Extract the Site ID:

  6. The response will contain the id of the site.

  7. Create a Subscription:

  8. Endpoint:

    POST https://graph.microsoft.com/v1.0/subscriptions
    
  9. Request Body:

    {
      "changeType": "updated",
      "notificationUrl": "https://yourdomain.com/notifications/webhook",
      "resource": "/sites/{site-id}/drive/root",
      "expirationDateTime": "2025-12-31T23:59:59Z",
      "clientState": "yourSecretClientState"
    }
    
  10. Replace {site-id} with the actual site ID.

  11. The notificationUrl is your endpoint to receive notifications.

  12. Example Request using cURL:

curl -X POST \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -d '{
    "changeType": "updated",
    "notificationUrl": "https://yourdomain.com/notifications",
    "resource": "/sites/YOUR_SITE_ID/drive/root",
    "expirationDateTime": "2025-12-31T23:59:59Z",
    "clientState": "yourSecretClientState"
  }' \
  https://graph.microsoft.com/v1.0/subscriptions
  1. Handle Validation Tokens:

  2. Microsoft Graph will send a validation request to your notificationUrl.

  3. Your endpoint must respond with the validation token within 5 seconds.

Downloading Files and Checking for File Changes

  1. Download a File:

  2. Endpoint:

    GET https://graph.microsoft.com/v1.0/sites/{site-id}/drive/items/{item-id}/content
    
  3. Replace {item-id} with the ID of the file.

  4. The response will be the file content.

  5. Check for File Changes using Delta Query:

  6. Endpoint:

    GET https://graph.microsoft.com/v1.0/sites/{site-id}/drive/root/delta
    
  7. Use the deltaLink provided in the response for subsequent requests to get changes since the last query.

  8. Process Notifications:

  9. When a change occurs, Microsoft Graph sends a notification to your notificationUrl.

  10. The notification contains information about the change.
  11. Use this data to make API calls to download or process the changed files.

Conclusion

You have successfully set up an online SharePoint site and registered an app in Azure AD. You have also learned how to extract essential identifiers, configure API permissions, and set up webhooks using Microsoft Graph API to download files and monitor file changes.

References


Note: Replace placeholders like YOUR_CLIENT_ID, YOUR_SECRET_KEY, YOUR_TENANT_ID, your-tenant-name, YourSiteName, and yourdomain.com with your actual values.