web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

🚀 Season of Sharing Community Challenge Launch! 🚀
Ask A Community Pro
Introducing our New Video Series: Community Spotlight
News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics 365 | Integration, Dataverse... / SharePoint ACS (AppInv...
Microsoft Dynamics 365 | Integration, Dataverse...
Unanswered

SharePoint ACS (AppInv/AppRegNew) Retirement – Need Guidance on Migration to Azure AD / Graph

(0) ShareShare
ReportReport
Posted on by Aryan 196

We have an integration between Microsoft Dynamics 365 Business Central (AL) and SharePoint Online for uploading and accessing files in document libraries.

Current Implementation

App Registration & Permissions

  • App created using:
    /_layouts/15/appregnew.aspx

  • Permissions granted via:
    /_layouts/15/appinv.aspx → “Trust It”

Current permission (overly broad):

<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/tenant" Right="FullControl" /> </AppPermissionRequests>


this will give all tenant level  access i.e. all sharepoint access so pls suggest ?

Authentication (ACS Token)

We generate access tokens using:

POST https://accounts.accesscontrol.windows.net/{tenant-id}/tokens/OAuth/2

SharePoint API Usage

We are using SharePoint REST API:

Upload file:

POST https://<org>.sharepoint.com/sites/<site>/_api/web/GetFolderByServerRelativeUrl('/sites/<site>/Shared Documents')/Files/add(url='file.pdf',overwrite=true)

Download / read files:

GET https://<org>.sharepoint.com/sites/<site>/_api/web/GetFileByServerRelativeUrl('/sites/<site>/Shared Documents')/Files...

Questions
  1. After April 2026, will existing ACS-based integrations completely stop working, or only new registrations will be blocked?

  2. What is the recommended modern approach for this scenario:

    • Continue using SharePoint REST API with Azure AD token

    • OR migrate fully to Microsoft Graph API


      •  
    If we switch to Azure AD authentication:

    • Can we continue using existing _api/web/... endpoints?

    • Or is Graph API mandatory  

  3. What is the best way to restrict access to a single SharePoint site (avoid tenant-wide permissions like FullControl)?

  4. For Business Central (AL), is there any recommended approach or pattern for:

    • Generating Azure AD tokens (client credentials flow)

    • Calling SharePoint / Graph APIs securel  

Any guidance, best practices, or migration examples would be highly appreciated.

If possible pls share some Blogs or resource when this overall new process is explain so that i can can a hit and start the development.

Categories:
Dynamics 365 general
I have the same question (0)

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

🚀 Season of Sharing Community Challenge Launch! 🚀
Ask A Community Pro
Introducing our New Video Series: Community Spotlight

Quick Links

Season of Sharing Community Challenge Launch!

Jump in, show your community spirit, and win prizes!

Women in Power Builds Momentum

Expanding mentorship, skilling, and AI innovation

Congratulations to the April Top 10 Community Leaders

These are the community rock stars!

Leaderboard > Microsoft Dynamics 365 | Integration, Dataverse, and general topics

#1
Subra Profile Picture

Subra 128

#2
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 99 Super User 2026 Season 1

#3
11manish Profile Picture

11manish 86

Last 30 days Overall leaderboard

Featured topics

Welcome to the Microsoft Dynamics 365 forum!
Identifying an Org as CDS or Dynamics
Get batch job history log from D365 FO to Power Automate
Gross and Net Weight of Shipments feeding back into Sales Order (from External Source)

Product updates

Dynamics 365 release plans