Azure Functions for SharePoint
AzureFunctionsForSharePoint is a multi-tenant, multi-addin back-end for SharePoint add-ins built on Azure Functions. The goal of this project is to provide the minimal set of functions necessary to support the common scenarios shared by most SharePoint provider hosted add-ins cheaply and reliably.
- Centralized Identity and ACS token management
- Installation and provisioning of add-in components to SharePoint
- Remote event dispatching to add-in specific back-end services via message queues including
- App installation
- App launch
- SharePoint Remote Events
Navigating the Documentation
These documents consist of articles that explain what the functions do, how to set up the hosting environment, and how to use the functions in your add-ins and API documentation for .NET developers linked to the source code in GitHub.
A Note on Terminology
These documents use the term client to refer to a given SharePoint add-in. A client is identified using its client ID which is the GUID that identifies the add-in's ACS client ID in the SharePoint add-in's AppManifest.xml.
There are three functions in this function app.
We're working on full automation with an ARM template, etc. The Visual Studio Solution includes a PowerShell script you can use with Task Runner Explorer and Command Task Runner. Until then, create a function app and copy the contents of this zip file into the function app's wwwroot folder.
Configuring the Function App
AzureFunctionsForSharePoint requires an Azure storage account which stores the configuration of each client as well as the associated tokens. This requires the presence of two app settings and their corresponding values.
Configuring SharePoint Add-ins to use the Function App
Azure Functions for SharePoint is multi-tenant in that it can service add-ins installed broadly across SharePoint Online and also because the back-end processes that respond to client specific events in SharePoint or rely on Azure Functions for SharePoint for security token management can be located anywhere with a connection to the Internet.
See the Client Configuration Guide for more information.
Using the Function App to Support Custom Back-ends
- Notification of add-in and SharePoint events via Azure Service Bus queues via the EventDispatch Function
- A REST service that provides security access tokens for registered clients via the GetACSAccessTokens Function
In both cases the client back-end receives all the information it needs to connect to SharePoint as either the user or as an app-only identity with full control. The function app does the actual authorization flow and its client configuration is the only place where the client secret is stored.
Your custom back-ends can live anywhere from the same Function App where you deployed Azure Functions for SharePoint to completely different Azure tenancies or on-premises servers. All that is required is that the back-end can read Azure Service Bus Queues and access the REST services via the Internet. Aside from these requirements, the back-end can run on any platform and be written in any language.
That said, if you are using .NET, this project included an assembly named AzureFunctionsForSharePoint.Common that you can use to make things even easier!
Complete documentation of the Azure Functions for SharePoint API see the API Guide.
Recent Changes (Jan 19, 2017)
- Added the CreateCredentialToken function
- Renamed GetAccessToken to GetACSAccessTokens
- Breaking changes in config file format to support credential clients