cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
TheTruePowerDev
Frequent Visitor

Launching SharePoint Apps with/from an PCF Component

Hey all! 

 

Sorry if this question is a simple one, I am just getting into PCF Components...

My Goal is to develop a PCF Component (model or canvas app doesnt matter) for dynamics 365, with the aim to create/edit sharepoint files and save it in dynamics 365.

I have seen ways to get existing data via the SharePoint API, however, I am not sure if its possible to call the SharePoint API from a PCF Component.

 

My main Question would be: 

Is it possible to launch the online version of Excel, Word,... from or within a PCF Component? 

 

Thank you and best regards

 

1 ACCEPTED SOLUTION

Accepted Solutions

There are actually two SharePoint APIs: the REST API and the CSOM API. CSOM is older but has widespread adoption among SharePoint developers, so it might be easier to find team members who are familiar with it.

 

There are a couple example PCFs on the PCF Gallery that work with SharePoint content; not sure whether they are actually using the REST API but it is worth taking a look at their code.

 

Generally, when you go to implement API calls in a PCF your biggest issue is going to be authentication. You will need to secure the currently logged in user's credentials securely then pass those on to the API you are calling. As I mentioned in the previous reply the normal mechanism for this is to register an App with AD, give it Delegate permissions to SharePoint (or whatever app), then use MSAL in your app to retrieve the user token and pass it in your API call.

 

The only realistic alternative to this is to offload the calls to some server-executing component where the code cannot be interrupted by a malicious user to inspect the authentication. From that externally executing context you can use any credentials you want, including an app id that has app permissions instead of delegate ones.

View solution in original post

3 REPLIES 3
cchannon
Super User
Super User

Well, you can effectively have your PCF just be an IFrame. In fact, this is one of the example PCFs published by Microsoft. That IFrame in turn can render any page, including a SharePoint App, which lets you run straight past authentication mechanisms and API call complexities.

 

Alternatively. you can make the API calls directly from your PCF to SharePoint (bypassing the SharePoint App entirely). To do this, though, you will need to handle your own authentication for the calls, so you will probably want an App Registration with Delegate permissions to SharePoint, then use MSAL to retrieve the currently logged in user's token and pass it through. You could also offload the calls to a server-side component, like a Function, but to me this seems like an unnecessary number of hops.

Hello!

I would actually prefer to call the SharePoint API instead of opening SharePoint in an iFrame.
Is there any Sample I could follow in order to incorporate SharePoint with PCF?
I have found out, that there is a SharePoint-REST-Service , is this the API you mentioned?
Are there any restrictions, that would limit me from calling the mentioned REST-Service  from a PCF-Control in Dynamics 365 online? It just wasnt sure, since I couldnt find any sample that incorporates the SharePoint API with a PCF-Control and since I also found a forum entry in which it was stated that its not possible for PowerApps Portals.

Thanks for your reply! 🙂

There are actually two SharePoint APIs: the REST API and the CSOM API. CSOM is older but has widespread adoption among SharePoint developers, so it might be easier to find team members who are familiar with it.

 

There are a couple example PCFs on the PCF Gallery that work with SharePoint content; not sure whether they are actually using the REST API but it is worth taking a look at their code.

 

Generally, when you go to implement API calls in a PCF your biggest issue is going to be authentication. You will need to secure the currently logged in user's credentials securely then pass those on to the API you are calling. As I mentioned in the previous reply the normal mechanism for this is to register an App with AD, give it Delegate permissions to SharePoint (or whatever app), then use MSAL in your app to retrieve the user token and pass it in your API call.

 

The only realistic alternative to this is to offload the calls to some server-executing component where the code cannot be interrupted by a malicious user to inspect the authentication. From that externally executing context you can use any credentials you want, including an app id that has app permissions instead of delegate ones.

Helpful resources

Announcements
Power Apps News & Annoucements carousel

Power Apps News & Announcements

Keep up to date with current events and community announcements in the Power Apps community.

Community Call Conversations

Introducing the Community Calls Conversations

A great place where you can stay up to date with community calls and interact with the speakers.

Power Apps Community Blog Carousel

Power Apps Community Blog

Check out the latest Community Blog from the community!

Users online (5,416)