Consuming Web APIs securely from SharePoint Framework
Details
For this workshop, we concentrate on how to secure traffic from SharePoint Framework solution towards an external API hosted in Azure. Azure is typically used as customization platform also for solutions hosted in SharePoint Online. Demo will explain securely calling an Azure function from client-side web part.
Traffic from SharePoint Online towards the custom API is secure, but external API cannot directly use the identify of a caller. Typically, in these kinds of scenarios you either use app-only or specific service account.
Topics to be covered:
--How to securely call Azure function from SharePoint Framework web part
--How Azure function authentication can be controlled
--Required configuration for Azure function for enabling a call from SharePoint Online
--SharePoint Framework client-side web part implementation to call Azure function securely