Provide the domain on which your add-in will run. Select a name to help you recognize which add-in will use this client ID for example, "calendar app". In the New client ID dialog box, provide the following information. On the Client IDs tab, select Add new client ID. Sign in to Partner Center with your developer account and go to the Product overview page for your add-in. If your add-in is a service and it needs OAuth client IDs and client secrets, follow these steps. If there is only one client secret associated with your client ID, deleting that secret can prevent your add-in from accessing the data it needs. When a client secret expires, it can no longer be used as a password. Your add-in can use any valid client secrets as passwords to communicate with Microsoft. If you delete the signing client secret that your add-in uses, the next valid client secret is used instead. In Partner Center, this is the client secret with a green check mark next to Active in the Status column on the Client IDs page. Inbound data to your add-in is signed by using only one signing client secret. Create a separate add-in listing for China.įor more information about distributing add-ins to China, see Submit apps for Office 365 operated by 21Vianet in China.Block access for all countries except China.Add a separate add-in package specifically for China.Use a separate client ID and client secret for China.To submit a SharePoint Add-in that uses OAuth and distribute it to China, you must: OAuth would allow the add-in to identify the user to whom the trip calendar belongs, or if the trip calendar add-in needed to access other aspects of Microsoft 365, such as resources or calendar information, it could access those on behalf of the signed-in user. Grants represent the permissions that a user has delegated to an add-in.įor example, your add-in could be a trip calendar add-in that opens as an IFRAME on a Microsoft 365 SharePoint site. Users can only grant the permissions that they have. If the user gives consent, the add-in can act on behalf of the user to access the data that the add-in requires. When a user installs an add-in that has an associated client ID and client secret, a consent dialog box appears. You can generate OAuth client secrets in Partner Center, and then add them to your add-in code. If your add-in requires this type of authorization, you have to associate OAuth client ID and client secrets with your add-in.
Users can then grant a third-party site access to information that is stored with another service provider (for example, SharePoint), without sharing their user name and password and without sharing all the data that they have on SharePoint. Each token grants access to a specific site (for example, a SharePoint document repository), for specific resources (for example, documents from a folder), and for a defined duration. With OAuth, users can authorize a service provider (for example, SharePoint) to provide tokens instead of credentials (for example, user name and password) to their data that is hosted by a given service provider (for example, SharePoint). For example, users can share their private resources or data (contact list, documents, photos, videos, and so on) that are stored on one site with another site, without having to provide their credentials (typically user name and password). It lets users approve an application to act on their behalf without sharing their user name and password. OAuth enables secure authorization from desktop and web applications in a simple and standard way. Open Authorization (OAuth) is an open protocol for authorization. Using OAuth to authenticate and authorize add-ins
Microsoft Office Developer Tools for Visual Studio supports setting a secondary client secret that you can use to update your expiring client secret.