Contents
How do you authenticate REST Web services?
Use of basic authentication is specified as follows:
- The string “Basic ” is added to the Authorization header of the request.
- The username and password are combined into a string with the format “username:password”, which is then base64 encoded and added to the Authorization header of the request.
The SharePoint REST API is touted as being the tool to provide inter-platform integration with SharePoint Online. However, outside of .NET the authentication piece is not so straightforward. App authentication solves this issue for registered apps but I want to show how remote user authentication can be achieved, regardless of platform.
How can I authenticate SharePoint rest calls from JavaScript?
The hosting browser is authenticating against the url and any fututre request within the authenticated “session” is working. In your scenario you will try to access the REST api of sharepoint and the server is sending back a 401 HTTP status code so the browser lets the user enter the credentials.
The type of applications where this kind of approach may be necessary include: a Java application, a PHP application, or JavaScript application where there is otherwise no SharePoint Online authentication context and the decision has been made (for whatever reason) that user authentication is most appropriate (as opposed to app authentication).
As mentioned in comment by @SharePointer you need to register an app in Azure AD in order to authenticate against it. That app that you register needs to be given permissions to your SharePoint Online. Login to Azure Portal at https://portal.azure.com that is used by your O365 Tenant where you want to access the SharePoint site.
https://www.youtube.com/watch?v=YMliU4vB_YM