Exposing an API endpoint using SharePoint app/addin

Question

I need to expose an API endpoint in an app/addin which published in SharePoint. My customer not giving access to SharePoint API. I can't directly make a request to SharePoint API then. So I need to create an app/addin and expose an API endpoint to receive REST request from custom third party API.

That endpoint needs to accept a file and save it in given site in SharePoint. Is this approach possible to implement? If yes how? If not then are there any other solution? TIA

Answer 1

Yes, it's possible to create an app/add-in to expose an API endpoint that can receive REST requests and save a file in a SharePoint site, without directly accessing the SharePoint API. Here's an approach you could take:

1. Create a web application that will host the API endpoint. This can be built using any web technology of your choice (e.g. ASP.NET, Node.js, Java, etc.). The endpoint should accept the file as a multipart/form-data POST request.
2. Within the API endpoint, you can use the Microsoft Graph API to authenticate the user and access the SharePoint site. The Microsoft Graph API provides a single endpoint to access data and intelligence in Microsoft 365, and can be used to interact with SharePoint resources like files, lists, and sites.
3. To authenticate the user, you can use the OAuth 2.0 authorization code grant flow. This involves redirecting the user to a Microsoft login page where they will enter their credentials and consent to the app accessing their SharePoint data. Once the user has authenticated, the app will receive an authorization code which can be exchanged for an access token to make API calls on behalf of the user.
4. Once you have an access token, you can use the Microsoft Graph API to upload the file to the SharePoint site. The endpoint for uploading a file is /drives/{drive-id}/root:/{folder-path}/{filename}:/content, where {drive-id} is the ID of the SharePoint drive you want to upload to, {folder-path} is the path to the folder where you want to upload the file, and {filename} is the name of the file you want to upload. You can use the access token to authenticate the API call.