Configure OAuth Authentication

The Microsoft Planner Connector retrieves information through the Microsoft Graph API.

To retrieve information from Microsoft Planner you must go to the Azure portal and register an application to represent the connector. You must then configure the connector to authenticate using OAuth.

NOTE: There is no need to complete this procedure if you ran the OAuth configuration tool during the installation process.

For more information about creating applications and using OAuth, refer to the Microsoft documentation.

To configure OAuth authentication to process data from a single user

  1. Go to the Microsoft Azure Portal.
  2. Click New registration.

    1. Type a name for the new application.
    2. Specify a redirect URL. The "type" of the redirect URL should be "Web".

      • To use the NiFi Ingest connector, the redirect URL must match the URL shown in the advanced configuration dialog of the NiFi processor.
      • To use the standard connector, the redirect URL must match the value of the RedirectUrl parameter in the OAuth tool configuration file, oauth_tool.cfg. The default value is http://localhost:7878/oauth.
  3. Click Certificates and Secrets and create a new client secret.
  4. Click API Permissions > Add a permission.

    The Request API permissions dialog box opens.

  5. Click Microsoft Graph, followed by Delegated permissions and select the following permissions.

    Graph API Permissions Required For
    User.Read  
    Tasks.Read.Shared  
    Group.Read.All Mapped Security
    User.Read.All Mapped Security
    offline_access  
  6. Run the OAuth configuration tool that is supplied with the connector.

    • To configure the NiFi Ingest connector

      1. In the NiFi web interface, right-click the processor and click Configure.
      2. Click ADVANCED, and complete the guided setup wizard. Then configure OAuth using the OAUTH SETUP tab.
    • To configure the standard connector

      1. Open the folder where you installed the connector.
      2. Open the OAuth tool configuration file, oauth_tool.cfg, in a text editor.
      3. In the [Default] section, set any SSL or proxy settings that are required to access the repository:

        SSLMethod The version of SSL/TLS to use.
        ProxyHost The host name or IP address of the proxy server to use.
        ProxyPort The port of the proxy server to use.

        For example:

        SSLMethod=NEGOTIATE
        ProxyHost=10.0.0.1
        ProxyPort=8080
      4. In the [OAuthTool] section, set the following parameters:

        AuthorizeUrl Replace the placeholder {tenant} with your Microsoft 365 Tenant, for example mydomain.onmicrosoft.com.
        TokenUrl Replace the placeholder {tenant} with your Microsoft 365 Tenant, for example mydomain.onmicrosoft.com.
        AppKey The application key of the application you created to represent the connector.
        AppSecret The client secret you obtained in step 3.
      5. Open a command-line window and run the following command:

        oauth_tool.exe oauth_tool.cfg OAuthTool

        A web browser opens, asking you to log in and grant consent for the connector to access your data.

      6. Log in and grant consent.

        The web page displays a message stating that the OAuth details have been successfully stored, and the OAuth tool creates the files oauth.cfg and oauth2_sites.bin. When you configure the connector, import the parameters from oauth.cfg into your task configuration. For more information about including parameters from another file, see Include an External Configuration File.