Postman will be required when configuring the permissions for the application that will access SharePoint.

Moment has created a workspace that can be used for this purpose.

It's recommended that you fork the "SharePoint" collection to your own postman profile. Any data added to the public workspace will be available for anyone accessing this workspace.

The workspace can be found here.

Forking collection

To fork this, click on the three dots to the left of the "SharePoint" name and select "Create a fork"

In the dialog that appears, enter the name you want it to have in your workspace, and select the workspace where you want this fork to appear. (If you have multiple)

Now you will have a copy of the collection in your own workspace and you can make changes to it.

Use collection

When the collection is forked, the various variables in the collection can be filled out.


Click on the "SharePoint" collection name. In the right panel you will at this time see the configuration of OAuth 2.0 configuration. This has been pre-filled with the values needed to get tokens for the tasks to be done. So do not make any changes to this page.


Select the tab named "Variables". This contains a table with defined variable names. Leave the names as they are. To use this, copy the values collected from Azure Active Directory Apps in here

  • TenantID: This is the Tenant ID from the overview page

  • ClientID: This is the Client ID from application #2 (admin application)

  • ClientSecret: This is the Secret from application #2 (admin application)

  • SiteToEditPermission: This is the Site ID collected, the site where the permission is to be defined.

  • ApplicationIdToGivePermission: This is the Client ID from application #1 (integration application)

  • PermissionToRemove: This is to be used if one ever needs to remove a permission.

Get Token

Prior to doing any actions, the token to be used when doing the various operations must be generated and stored. To get this, return to the "Authorization" tab. Scroll to the bottom of this page and locate the "Get New Access Token" button.

Click on this button, a dialog appears showing that it is getting the access token. Eventually it's showing that the authentication was completed. Now click on the "Proceed" button.

The new dialog appearing will containt the token that have been returned. Now just click on "Use Token" button.

The token has now been stored. The token is valid for an hour.

Add site permission

To add permission to a site, open the folder "Actions" and click on the "Set Site Permission". There is no need to make any changes to this as all the variables that was defined above are going to be used here. Now just click on the "Send" button to execute the setting of the permission.

Await the completion of the setting of the permission - the result will be as shown below.

Last updated