Suppose, you would like to have the remote components of a provider-hosted SharePoint Add-in to interact with SharePoint using OAuth, what should you do? You should first register with the Azure ACS cloud-based service and the SharePoint App Management Service of the tenancy or farm. Let us now dive straight into how to register/unregister SharePoint add-ins.

To register an app into office 365 tenancy we use the layouts/appregnew.aspx page which is a standard old way of doing it. But, I thought there should be some smarter way to do it. After much research, I got a scenario to automate this process using a deployment package. I was searching for a while in the internet and got few stuffs like updating expiring Client Secret etc. More on that here: https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/replace-an-expiring-client-secret-in-a-sharepoint-add-in

I have used MSOLService from AzureAD powershell package to register the SharePoint Add-in Office365 tenancy. Here is how to register an Add-in.

  1. Download the AzureAD powershell package.
  2. Run the below PS Script after mentioning the Client ID, app name, app domain and the app redirect URL.
  3. Provide your Global administrator username and password while connecting to MSOL Service.
$clientID="7c6cbd92-073b-4bc9-9d4a-fc27749f340b";

$bytes = New-Object Byte[] 32

$rand = [System.Security.Cryptography.RandomNumberGenerator]::Create()

$rand.GetBytes($bytes)

$rand.Dispose()

$newClientSecret = [System.Convert]::ToBase64String($bytes)

$appDomain=”Yourdomain.azurewebsites.net”;

$appUrl=”https://Yourdomain.azurewebsites.net/”;

$appName=”Your App Name”

$servicePrincipalName = @(“$clientID/$appDomain”)

$dtStart = [System.DateTime]::Now

$dtEnd = $dtStart.AddYears(3)

Connect-MsolService

New-MsolServicePrincipal -ServicePrincipalNames $servicePrincipalName -AppPrincipalId $clientID -DisplayName $appName -Type Symmetric -Usage Verify -Value $newClientSecret -Addresses (New-MsolServicePrincipalAddresses -Address $appUrl) -StartDate $dtStart  “EndDate $dtEnd

New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Symmetric -Usage Sign -Value $newClientSecret -StartDate $dtStart  “EndDate $dtEnd

New-MsolServicePrincipalCredential -AppPrincipalId $clientId -Type Password -Usage Verify -Value $newClientSecret -StartDate $dtStart  “EndDate $dtEnd

To unregister the Add-in you can use the below script. Make sure that you are providing the global admin credentials as we already gave while registering.

$clientID="7c6cbd92-073b-4bc9-9d4a-fc27749f340b";

Connect-MsolService
$appPrincipal = Get-MsolServicePrincipal -ServicePrincipalName $clientID
Remove-MsolServicePrincipal -ObjectId $appPrincipal.ObjectId

Hope you find this little trick useful. Let me know your thoughts, and if you are held up somewhere, dont feel shy to ask. I am here available for you in the comments section below.