Friday, March 31, 2017

Generate SharePoint Online REST API Authentication Details Using POSTMAN

Hi folks,
Today, SharePoint Online is the preferred cloud-based platform in many organizations for collaborating with external and internal parties, organizing documents, and accessing information anytime, anywhere.
SharePoint 2013 hosts a Representational State Transfer (REST) service. Using the REST API, developers can interact remotely with SharePoint data by using any technology that supports REST web requests.
To communicate with the SharePoint Online REST services, you need the following authentication keys.

1) BinarySecurityToken
2) rtFa & FedAuth Cookies
3) FormDigestValue 


In this post, I’ll demonstrate how to generate the SharePoint Online REST API authentication keys using the Google Chrome POSTMAN app.

Generate BinarySecurityToken

To get the BinarySecurityToken, you need to use the Microsoft Security Token Service (STS). Put the above-mentioned address as the URL.


Add the following XML envelope as the message body, replacing [username], [password] and [yourdomain] as per your environment.



When you go through the response from the STS service, you should notice two main tags in the response envelope: <wst:Lifetime> and <wst:RequestedSecurityToken>. Within the RequestedSecurityToken tag we can identify the BinarySecurityToken, which we are trying to generate in this step. Make sure to complete the second step before the time period in <wst:Lifetime> ends, because the BinarySecurityToken is a time-based temporary key.
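The check described above can be scripted. This is an added example, not code from the original post: it pulls the BinarySecurityToken and the <wst:Lifetime> expiry out of an STS response and reports whether enough lifetime remains for the next step. The sample envelope, the function names and the 60-second margin are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# WS-Trust / WS-Security namespaces used by the wst:, wsu: and wsse: prefixes.
WSS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-"
NS = {
    "wst": "http://schemas.xmlsoap.org/ws/2005/02/trust",
    "wsu": WSS + "utility-1.0.xsd",
    "wsse": WSS + "secext-1.0.xsd",
}

# Constructed sample response; the token value is a placeholder, not a real one.
SAMPLE = """<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope"
 xmlns:wst="{wst}" xmlns:wsu="{wsu}" xmlns:wsse="{wsse}"><S:Body>
 <wst:RequestSecurityTokenResponse>
  <wst:Lifetime>
   <wsu:Created>2017-03-31T10:00:00Z</wsu:Created>
   <wsu:Expires>2017-04-01T10:00:00Z</wsu:Expires>
  </wst:Lifetime>
  <wst:RequestedSecurityToken>
   <wsse:BinarySecurityToken>t=EXAMPLE-NOT-A-REAL-TOKEN&amp;p=</wsse:BinarySecurityToken>
  </wst:RequestedSecurityToken>
 </wst:RequestSecurityTokenResponse></S:Body></S:Envelope>""".format(**NS)


def _utc(text):
    # Assumes timestamps like 2017-03-31T10:00:00Z (UTC, whole seconds).
    return datetime.fromisoformat(text.strip().replace("Z", "+00:00"))


def parse_sts_response(xml_text, now=None, min_seconds_left=60):
    """Return the token, its expiry and whether enough lifetime remains."""
    root = ET.fromstring(xml_text)
    token = root.findtext(
        ".//wst:RequestedSecurityToken/wsse:BinarySecurityToken", "", NS).strip()
    expires = root.findtext(".//wst:Lifetime/wsu:Expires", "", NS).strip()
    if not token or not expires:
        # No token in the envelope, e.g. the sign-in request was rejected.
        raise ValueError("response contains no BinarySecurityToken/Lifetime")
    left = (_utc(expires) - (now or datetime.now(timezone.utc))).total_seconds()
    return {"token": token, "expires": _utc(expires),
            "seconds_left": left, "usable": left >= min_seconds_left}


def redact(token, keep=6):
    # The token is a bearer credential: log only a prefix, never the value.
    return "%s...[%d chars redacted]" % (token[:keep], len(token) - keep)


if __name__ == "__main__":
    info = parse_sts_response(SAMPLE)
    print(redact(info["token"]), info["expires"], info["usable"])
```
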

Generate rtFa & FedAuth Cookies

Now we need to POST the generated BinarySecurityToken to SharePoint Online. If it is a valid token, the SharePoint Online single sign-on process responds with two authentication cookies called rtFa and FedAuth.

To get the cookies, you need to enable the POSTMAN Interceptor. It allows POSTMAN to send requests that use the browser’s cookies.

https://[YourDomain].sharepoint.com/_forms/default.aspx?wa=wsignin1.0

Postman : Important sections are Highlighted


Generate FormDigestValue

The form digest value is used as a credential validation key in the SharePoint architecture. REST API calls run inside the firewall, so REST calls are authenticated using the current user's credentials and they can get the form digest value.


The following values should be declared as headers in POSTMAN.
Cookie: rtFa=[rtFa]
Cookie: FedAuth=[FedAuth]
Origin: [YourDomain].sharepoint.com




REST Call Demo

Using the generated authentication values, we can simply test a GET request. You need to replace the following request as per your environment. Add the FormDigestValue as X-RequestDigest in the headers, along with the headers mentioned above in the Generate FormDigestValue step.

Additionally, I add an optional header which formats the response as a JSON object.
Accept:application/json;odata=verbose



Happy Coding.
Regards,
Denuwan Himanga