Create app-based credentials for SharePoint Online

If you're migrating from OneDrive for Business, follow the instructions for SharePoint unless specified.

The Microsoft SharePoint Online source connection uses app-based authentication (client ID and client secret) rather than user-based authentication (username and password). Follow these steps to create app-based credentials for SharePoint Online.

If you get errors during setup, refer to the troubleshooting section below.

Create credentials

With Google Workspace Migrate you can only create credentials under tenant scope. 

  1. In your SharePoint Online tenant, go to the appregnew.aspx page.

    Example: https://example.sharepoint.com/_layouts/15/appregnew.aspx

  2. Next to Client ID and Client Secret, click Generate to generate their values.
  3. Store the client ID and client secret securely as these credentials can be used to read or update data in your SharePoint Online environment. You also need the client ID and secret to configure the SharePoint Online connection in Google Workspace Migrate.
  4. Under Title, specify a title.

    Example: Google Workspace Migrate

  5. Under App Domain, specify localhost.com.
  6. Under Redirect URI, specify https://localhost.com.
  7. Click Create.
  8. On the tenant administration site, go to the appinv.aspx page.

    Example: https://example-admin.sharepoint.com/_layouts/15/appinv.aspx

    Note: The URL must include -admin to access the tenant administration site. If you omit it, SharePoint shows a similar page, but you will not be able to grant tenant-scoped permissions.

  9. In the App Id field, enter your client ID and click Lookup to find your app.
  10. In the app’s Permission Request XML field, copy the XML below:

    <AppPermissionRequests AllowAppOnlyPolicy="true">
    <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
    </AppPermissionRequests>

  11. Click Create.
  12. Click Trust It to confirm and grant the permissions.

Troubleshooting

Message: "An unexpected error has occurred”

  1. In the App Domain and Redirect URI fields, verify that you specified a localhost and not a sharepoint.com domain. 
  2. On the appregnew.aspx page, make sure both fields include the proper localhost URI.

Message: "Sorry, only tenant administrators can add or give access to this app" 

  1. If you see this message and the Trust It button is disabled, you aren’t on the correct page for the tenant administration site. 
  2. Check the appinv.aspx page URL and make sure it includes -admin.

Message: “Sorry you don’t have access, awaiting approval”

  1. In your SharePoint Online tenant, make sure that you can reach the appregnew.aspx page without receiving this message.
  2. If you can't reach the page, verify you have completed the steps correctly.

    If you can, continue with the next step.

Next step

Add or edit a SharePoint connection


Google, Google Workspace, and related marks and logos are trademarks of Google LLC. All other company and product names are trademarks of the companies with which they are associated.

Search
Clear search
Close search
Google apps
Main menu
1207315541469643746
true
Search Help Center
true
true
true
false
false