Skip to Content
Technical Articles
Author's profile photo vinay mittal

SAP To SharePoint Integration Via Microsoft Graph using SAP PO REST Adapter (No UDF’s for OAUTH)


We will hereby explain how to connect to Microsoft Sharepoint Using Microsoft Graph.

This blog is entirely different from what you may have come across till now.


Technology is changing at a very rapid rate and the way you can access certain Systems on the network and their Authentication Mechanism is changing too….

I had a requirement to Integrate SharePoint with SAP PO and was clueless until i came across this blog from Dilip

A really nice blog which explains how to perform basic operations on SharePoint.

Problem: We rely on UDF’s for getting the accessToken via OAUTH 2.0.


SharePoint works on OAUTH 2.0 authentication mechanism where you generate a client id and client secret. You then get the accessToken from the Sharepoint Auth url.{TenantID}/tokens/OAuth/2


The problem with this mechanism is that SAP PO REST Sender adapter does not support the OAUTH parameter “resource” which is mandatory for Sharepoint Authentication so we need to get AccessTokens Via UDF!!



We have two ways to connect to Sharepoint

  1. Via SharePoint API’s which require the steps to be followed mentioned in Dilip’s blog.
  2. Via Microsoft Graph which is the STANDARD and recommended way of connecting to SharePoint.

Advantages of using Microsoft Graph:

a) You can use SAP PO Receiver Rest adapter for Oauth without having to worry about any udf’s for the access token and let SAP PO Take care of it. 

b) Really vast variety of options to query to Sharepoint for instance. I had to read an excel file from Sharepoint and SharePoint’s REST API’s were returning that file to me as a binary file!!! No other way.

I moved on to Microsoft Graph and i could now query the data in the excel sheet directly! No hassle of any Java Mappings or handling of large Binary files….you only get the rows coulmns you want!!!

c) Works on ODATA and really user friendly to work on!

d) provides you a product wide client id and client secret…it means that if you are using Sharepoint’s API directly the client ID and client secret you generate is only valid for a particular “site” on sharepoint and won’t work on any other site! But with the client id client secret generated for Microsoft Graph you can access the ENTIRE SHAREPOINT with the same Token!! That’s something amazing!!


I can keep going on but need to keep this blog short.


How do we do it!!

Step 1) Generate client-id Client Secret.

Follow the steps as is in this blog and you will have your client-id and client-secret

Step 2) Once you have the admin consent open Postman and try to see if you are able to get the access token.


do a POST to{yourCompany}

for example if your sharepoint account is then just replace yourCompany in the url by ABC


Content-Type: application/x-www-form-urlencoded




Step 3) Import the Microsoft login and Microsoft Graph Certificates into your system

Microsoft Graph URL

Also there is a Microsoft Graph developer portal where you can login via your Company’s credentials and test your ODATA queries live!!


Now all you need to do is configure the REST Receiver Channel!!!




Here I am Querying a list for it’s Items. My Microsoft Graph URL Is{YourCompany},{site-id}/lists/{list-id}/items?filter=( (fields/JobNumber ne ‘1234’) )&expand=fields(select=Jobnumber,id)


and the result i get from a end to end postman test via SAP PO is


Request Mapping doesn’t matter in this case Response mapping is


Step 5) Understanding the ODATA query and how it was made is equally important and you won’t find much detail as to how to get these Site-id and list-id etc which can be really frustrating. Here is what i discovered via trial and error!

The query{site-id}/lists/{list-id}/items?filter=( (fields/JobNumber ne ‘1234’) )&expand=fields(select=Jobnumber,id)


has two main parts “site-id” and “list-id”

a) to get Site-id go to Microsoft Graph Developer portal


Now SharePoint works on the concept of sites or lets say sub portals under the Share Point or pages in SharePoint where you can store files, images, or create “lists” now enter the query{YourCompanyName}{YourSharepointSite}/

you will get something like


This becomes your site-id


b) Now we need to get the list we are working on, and a sharepoint site can have multiple lists.

again run the query{site-id}/lists/

this will give you the list of list id’s and you can pick up the list id and ready to go!!


Conclusion:  We learned how to query Sharepoint via Microsoft Graph(which in turn converts the ODATA query to Share Point’s REST API’s and you need not worry about the hundreds of API’s and functions).

Microsoft Graph and Sharepoint currently support ODATA 2.0 which has a wide array of functionalities.



Sample Microsoft Graph url’s for you which i built during some of my developments.

For Reading an Excel sheets row’s and column’s{site-id}/drive/items/{excelSheetFileID}/workbook/worksheets/Sheet1/UsedRange?$select=values


How to get Drives??{site-id}/drives/


How to get Excel sheet ID??{site-id}/drives/{drive-id}/root/children


Reading binary file from Sharepoint via Microsoft Graph(this covers Image, Text File , excel sheet, virtually everything!!!!) and you get back a Binary version of the file.{site-id}/drive/root:/{FullFilename}:/content





Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Rajesh PS
      Rajesh PS


      vinay mittal

      Please suggest. Thanks!


      Author's profile photo Shaibayan Chakrabarty
      Shaibayan Chakrabarty

      Hello Vinay,

      I am trying to use the below.

      Grant Type: Resource Owner Password Credentials Grant

      Token as: HTTP Header

      Authorization Server URL:<tenantid>/oauth2/v2.0/token where tenantid is provided as part of Open ID Connect details

      Resource Owner Client ID: Application (client) ID provided  as part of Open ID Connect details

      Auth Server User/Password and Resource User/Password - I am using my Microsoft credentials.

      The error I am getting is HTTP OAUTH 2.0 RESOURCE OWNER PASSWORD CREDENTIALS GRANT call to<tenantid>/oauth2/v2.0/token not successful. Error while processing Authorization request.

      Any ideas will be helpful.



      Author's profile photo Shashi Bhushan
      Shashi Bhushan

      Hi Vinay,

      Can you let me know how the access token is accessed if we use OAuth in receiver channel.

      Will it fetch access token for each interface call or it will fetch access token only when it expires.

      Author's profile photo Akansh Bhatnagar
      Akansh Bhatnagar

      While connecting to SharePoint through  regular HTTP call, this is giving an error. I tried adding grant_type in content modified prior to request reply, but still giving an error. can  you please help as to where and in which format this needs to be placed to avoid this error.


      ,"error_description":"AADSTS900144: The request body must contain the following parameter: 'grant_type'