How to access your API key in SharePoint
SharePoint, a web-based collaboration and document management platform developed by Microsoft, allows its users to access and collaborate on documents, create intranet sites to share information, and more.
While you can benefit from SharePoint’s standalone features and capabilities in a variety of ways, you can get even more value by integrating it with your product or your internal applications.
To do so, you’ll first need to procure your unique API key. We’ll break down the steps for doing exactly that below!
Step 1: Apply for a Microsoft Developer account
To utilize SharePoint's API, it's essential to begin with a sandbox SharePoint account and an OAuth application. To acquire these, one should apply for a Microsoft Developer account via this link.
During the application process, you might be asked to specify your areas of interest. Should the options be presented, prioritize selections that encompass SharePoint, OneDrive, and Microsoft Graph.
Remember, your sandbox account will be refreshed every 90 days, provided it remains in active use.
Next, it's necessary to fill your SharePoint sandbox account with data. For this step:
Step 2: Create a site in SharePoint
Within your SharePoint account, create a site. (Either a Team or Communication site will work.)
Step 3: Add new files and folders
Once your new site is created, navigate to Documents, and click + New to add new files and folders.
Step 4: Create an OAuth App
To create an OAuth app, navigate to your developer account, then navigate to Azure Active Directory > App Registrations > + New Registration to create a new OAuth app. If you’re using Postman to test the integration, add the Postman URL as your redirect URI.
You’ll see an app created with a provided client ID.
Step 5: Create a client secret
The last step is to create a client secret. To do so, click Client credentials > Client secrets > + New client secret.
Step 6: Get your access token
Oauth:
authorize URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize
token URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/token
scopes: “offline_access https://graph.microsoft.com/.default”
Copy and paste your client id from your OAuth app’s “Application (client) ID” and your client secret from your OAuth app’s “Client Secret > Value”.
In Postman, once you’ve entered all the params, click “Get Access Token”. This begins the OAuth flow, which ends with an “Authentication complete” screen. Use the access token provided by this flow, which Postman will automatically add as auth headers for your subsequent API requests!
Other considerations for building to the SharePoint API
Before integrating with the SharePoint API, it’s worth considering other items:
Pricing
While SharePoint online starts at $5.00/user/month, if you sign up for a developer account you won’t be required to pay for the application.
SharePoint charges users for two different plans.
- SharePoint (Plan 1): Priced at $5.00 per user/month, this plan is aimed at small-to-mid-sized businesses. It offers secure file sharing, content management in document libraries with versioning and access control, and search capabilities to discover relevant content and people within the organization. It's suitable for businesses that need basic SharePoint functionalities without the frills of advanced tools.
- Microsoft 365 Business Standard: At $12.50 per user/month, this plan includes everything from SharePoint Plan 1 and adds desktop, web, and mobile versions of Office apps like Word, Excel, and PowerPoint. It also provides chat, call, and video conference with Microsoft Teams, business-class email, and tools like Microsoft Loop and Clipchamp for collaboration and video editing. This plan is ideal for businesses requiring a comprehensive suite of productivity tools that go beyond just content management.
The developer and IT admin features in SharePoint, such as add-in hosting, app distribution, and Business Connectivity Services, are available with certain limitations based on the plan. For instance, features like InfoPath Forms Services and advanced search capabilities might require SharePoint Online Plan 2 or Office 365 Enterprise plans. These features are crucial for businesses looking for advanced customization, app integration, and automation capabilities.
Rate limits
Microsoft’s SharePoint API doesn’t actually have any defined, hard rate limits. Instead, the application will throttle when too many concurrent requests are made as it risks the quality of Microsoft’s servers. Requests made via REST calls can result in SharePoint Online returning a 429 “Too many requests” status code, or a 502 “Server too busy”, and cause the results to fail.
To effectively manage this, Microsoft recommends implementing exponential backoff in your application's retry logic. This means that the application should delay retrying a request that has been throttled and doubling the wait time with each retry, up to a maximum number of attempts. Additionally, it's important to avoid peak hours, perform operations off-hours, use batch requests judiciously, and design your app for efficiency with SharePoint's resources. Moreover, consider using the SharePoint Online Client Component SDK to handle retry logic automatically.
For a deeper dive on the best practices for avoiding throttling and for more detailed technical guidance, you can refer to the official Microsoft documentation: Avoid getting throttled or blocked in SharePoint Online.
Pagination
SharePoint organizes content within site collections, sites, libraries, and lists, culminating in a hierarchical structure akin to drives, folders, and files. Due to this structure and the potentially vast amount of data stored within, instant retrieval of all items from large lists or libraries is impractical. To efficiently manage and access large datasets, SharePoint employs pagination.
Key Pagination Techniques in SharePoint:
- Using the ListItemCollectionPosition Object: The cornerstone of SharePoint pagination is the ListItemCollectionPosition object, which facilitates sequential access to list items. This object contains a PagingInfo property that stores paging information, guiding your queries to fetch items in sequence. The server responds with data in pages, adhering to the specified row limit. This technique is essential for custom solutions that interact with large lists, ensuring optimal performance and scalability.
Contextual Pagination Approaches:
- In SharePoint Views: SharePoint views offer built-in pagination capabilities, allowing end-users to navigate through lists and libraries efficiently via the SharePoint user interface (UI). Leveraging the view’s settings for pagination simplifies data access for users directly interacting with SharePoint through the web.
- For Custom Applications: Developers building custom applications should utilize the ListItemCollectionPosition class to iterate over large lists or libraries in manageable chunks. This approach is particularly relevant when dealing with extensive datasets that could hinder performance if accessed en masse.
- For Sorted Queries: When sorting is a part of your query, ensure the field used for sorting is indexed to prevent performance degradation. Indexing is vital for maintaining quick access times, especially when dealing with large quantities of data. Utilizing ListItemCollectionPosition in conjunction with indexed fields enables efficient pagination through sorted data.
Final thoughts
Many of your customers use other file storage tools, like Box, Dropbox, or OneDrive.
You can offer integrations with any of the file storage applications your clients use by building to Merge’s File Storage Unified API.
To learn more about the API, and Merge’s platform more broadly, you can schedule a demo with one of our integration experts!