Entra ID app registration

To set up OAuth2 authentication for a SharePoint Online provider using resource owner password credentials, you must specify the client ID and tenant ID of an app registration in Entra ID (formerly Azure Active Directory). You can use an existing app registration or add a new one.

To add or update an app registration, go to the Azure admin center at portal.azure.com and sign in to your organization. In Microsoft Entra ID, select Manage > App registrations. Select an existing registration, or click New application registration to create a new one.

The application (client) ID and directory (tenant) ID that you will enter for the EDM provider in Operations and Regulations are shown under Essentials in the app registration's overview.

You must also add a redirect URI, such as http://localhost. To add a redirect URI, click Add a Redirect URI under Essentials (under Mobile and desktop applications) and specify these values:

  • Under Supported account types, select Accounts in this organizational directory only.
  • Under Advanced settings, switch Allow public client flows to Yes.

Finally, in the API permissions for the app registration, the SharePoint > Sites.Selected permission must be granted.
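
To check a finished registration, the following added example (not part of the product or its documentation) builds the password-grant token request for the Microsoft identity platform v2.0 token endpoint and maps common AADSTS error codes back to the settings above. The scope format, the helper names, and the sample IDs, host, and error response are assumptions constructed for illustration.

```python
import json
import re
from urllib.parse import urlencode

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")

# AADSTS error codes mapped to the registration setting to re-check
HINTS = {
    "AADSTS7000218": "Set 'Allow public client flows' to Yes under Advanced settings.",
    "AADSTS700016": "Client ID not found in this tenant; re-copy both IDs from Essentials.",
    "AADSTS90002": "Tenant not found; re-copy the directory (tenant) ID.",
    "AADSTS65001": "Consent missing; grant the SharePoint > Sites.Selected permission.",
    "AADSTS50076": "Account requires MFA, which the password grant cannot satisfy.",
    "AADSTS50126": "Wrong username or password for the account.",
}

def build_ropc_request(tenant_id, client_id, username, password, sharepoint_host):
    """Return (url, form_body) for a password-grant token request."""
    for name, value in (("tenant_id", tenant_id), ("client_id", client_id)):
        if not GUID.match(value):
            raise ValueError(f"{name} is not a GUID: {value!r}")
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    body = urlencode({
        "grant_type": "password",
        "client_id": client_id,  # public client flow: no client_secret is sent
        "scope": f"https://{sharepoint_host}/.default",  # assumed scope format
        "username": username,
        "password": password,
    })
    return url, body

def diagnose(response_text):
    """Map a token-endpoint JSON response to a registration setting to check."""
    data = json.loads(response_text)
    if "access_token" in data:
        return "ok"
    match = re.search(r"AADSTS\d+", data.get("error_description", ""))
    code = match.group(0) if match else None
    return HINTS.get(code, f"Unmapped error: {data.get('error', 'unknown')}")

# Constructed sample: the response returned when public client flows are off
SAMPLE_ERROR = json.dumps({
    "error": "invalid_client",
    "error_description": "AADSTS7000218: The request body must contain the "
                         "following parameter: 'client_assertion' or 'client_secret'.",
})

if __name__ == "__main__":
    print(diagnose(SAMPLE_ERROR))
```

Send the returned body as an application/x-www-form-urlencoded POST to the returned URL and pass the response text to diagnose().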