Hi. This is Randy Rempel, product manager for Content Matrix. And I'm going to run through the setup of OAuth authentication and register an app using Content Matrix.
OAuth authentication is required to authenticate with the Microsoft Graph API. And the future of content migrations into Office 365 will require calling the Microsoft Graph API. Calling the Graph API requires an Azure directory app, and you need to provide consent to allowing the AD app access to the tenant with specific permissions.
I also want to talk just a little bit about permissions. Delegated permissions are defined in the app. The user consents to these permissions. The app can never have more privileges than the signed in user.
The privileges of the signed in user may be determined by policy or by membership in one or more administrative roles. You must still use a global administrator or SharePoint admin account to use the delegated permissions effectively. And you can look at the URL that I've included here for more information on authentication and authorization basics for Microsoft Graph.
So here you're looking at the SharePoint log on screen, and I have a configuration set up for a connection to the SharePoint.com. And this is the correct URL. It is-- in this case, I'm connecting to an office 365 tenant so I'm using SharePoint.com.
The connection type is a remote connection and the authentication type is Office 365 OAuth. You can also use this same [? use ?] connection to connect to a site, too. And you'll be able to go through the OAuth and app configuration process. I've set up a user and a password here, so I'm going to go ahead and click OK.
Normally this screen does-- or this dialog box does show up in front of everything. Sometimes it pops in underneath, so just watch out for that. I'm going to go ahead and click OK.
I'll be asked for the account, and I'll get my password for this account. Here's the permissions that the app is requesting that I'm going to consent to. I can also consent on behalf of the organization so anybody else in the organization won't have to also consent to these. You can click on each one of these permissions and read more about them.
I'm going to go ahead and click Accept. I'll say no, continue with connection. And I have my connection established.
02:52