230 likes | 240 Views
Explore advanced scenarios and deep-dive examples of leveraging REST APIs in Flow connectors, with a focus on enhancing SharePoint and Project Online functionalities. Learn about authentication types, HTTP connector use cases, and overcoming connector limitations.
E N D
Getting more out of Flow connectors POWFL10 - Extending Flow Integration of SharePoint and other services using REST APIs
About me I’ve supported, consulted and developed on Microsoft platforms since 1998. I currently work in Switzerland for TPG, consulting for many of the largest Microsoft Swiss and Global accounts for SharePoint and Project deployments. I’ve been blogging about Project, SharePoint and Office 365 for 10 years. Martin Laukkanen Senior Consultant & Developer TPG The Project Group Blog: www.nearbaseline.com Twitter: @MartinLaukkanen LinkedIn: linkedin.com/in/martinlaukkanen
Scenarios where Flow connectors need our help When can the HTTP Connector come to the rescue Deep-dive examples with SharePoint and Project Online Session agenda (pt. 1) Introduction to the HTTP Connector
Types of authentication Example with a 3rd party API Updating foreign exchange rates into a SharePoint list Session agenda (pt. 2) Advanced scenarios with Authentication
Why do we need the HTTP Connector? When Flow needs a little help
Use cases for the HTTP connector When existing connectors lack required features. For example the SharePoint connector lacks support to manage permissions, additionally many connectors in Preview such as the Project Online connector lack key functionality. When no connector exists. For example an in-house developed business application, or any 3rd Party or legacy service or application. Finally, when you don’t have the time or budget to create a Flow Custom Connector yourself.
HTTP connector to the rescue Using the HTTP connector requires… An application or server that supports REST (ideally, but other types of web services can be used). A web based endpoint accessible online (or via on-prem data gateway). If the application requires authentication, what type of auth does it support? Authentication of SharePoint REST endpoints Microsoft (thankfully) have provided the “Send an HTTP request to SharePoint” action that does all the authentication for you.
Example 1: Permissions Securing SharePoint list items A corporate SharePoint site contains a list where ideas can be submitted by all staff. We need to be able to restrict access to sensitive items for typical users to support the business process. Idea list
Demonstration 1 Setting list item permissions in SharePoint
Example 2: Project Online Fields Projects are created but need all fields populated Continuing from our previous use case, some approved ideas will end up as projects. Much information has already been gathered during the approval process and this data all needs to be entered into the project on creation. The default connector can only create new projects with default fields, we’ll need to populate all the fields previously captured custom fields using REST.
Demonstration 2 Updating custom field values in Project Online
What about auth? Authentication challenges when using REST web services
Authentication scenarios Types of REST authentication Legacy and simple types • HTTP Basic or Digest Authentication • API keys or tokens OAuth 2 authentication • OAuth 2 Bearer tokens (access tokens and refresh tokens) • Grant types: implicit, auth code, on-behalf-of and client credentials grants • Others: Context tokens, ACS Hybrid on-prem tokens, S2S, etc
Authenticated HTTP call examples GET /thing HTTP/1.1 Host: example.org Authorization: Basic Zm9vOmJhcg== GET https://graph.microsoft.com/v1.0/me/ HTTP/1.1 Authorization: Bearer EwAoA8l6BAAU…j7A0XqHCjbKKgWSkcAg== Host: graph.microsoft.com Basic OAuth 2
Basic Auth in Flow Example of Basic authentication headers
API Key Auth flow example (fixer.io) GET /api/latest?access_key=[apikey]&base=EUR&symbols=GBP,USD HTTP/1.1 Host: data.fixer.io Response body: { "success": true, "timestamp": 1552917486, "base": "EUR", "date": "2019-03-18", "rates": { "GBP": 0.857767, "USD": 1.134552 } }
3rd Party API Usage Get foreign exchange rates regularly via http://fixer.io API
Updating Fx rates Update SharePoint list with foreign exchange rates from 3rd party
Authentication scenarios Microsoft client credential grant OAuth 2 flow • Source: https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow
Azure AD OAuth2 grant example POST /contoso.com/oauth2/token HTTP/1.1 Host: login.microsoftonline.com Content-Type: application/x-www-form-urlencoded grant_type=client_credentials&client_id=625bc9f6-3bf6-4b6d-94ba-e97cf07a22de&client_secret=qkDwDJlDfig…qu6sILxQQqhJ+s=&resource=https%3A%2F%2Fservice.contoso.com%2F
Questions? Connect with me Email: mlaukkanen@theprojectgroup.ch LinkedIn: linkedin.com/in/martinlaukkanen/ Twitter: @MartinLaukkanen Blog: www.nearbaseline.com
This slide-deck and more information on the demos https://nearbaseline.com Updating resource custom field values via REST in Microsoft Flow https://nearbaseline.com/2018/07/updating-resource-custom-field-values-via-rest-in-microsoft-flow/ Assign unique permissions in SharePoint with send http request action https://sergeluca.wordpress.com/2018/05/03/assign-unique-permissions-to-a-document-with-the-new-send-an-http-request-to-sharepoint-action-how-to-use-the-sharepoint-rest-api-in-flow/ Create 'No code' solutions with SharePoint and Flow https://github.com/SharePoint/sp-dev-solutions/blob/master/solutions/flows-formatters-pages-siteScripts/README.md#nitty-gritty-details-about-each-flow RESTful API Authentication Basics https://blog.restcase.com/restful-api-authentication-basics/ Azure AD Service to service calls using client credentials (shared secret or certificate) https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow References and further reading For these slides, demos and more references see the following