{"id":552,"date":"2019-10-01T06:23:08","date_gmt":"2019-10-01T06:23:08","guid":{"rendered":"http:\/\/www.kofrimpong.com\/?p=552"},"modified":"2024-01-07T13:35:19","modified_gmt":"2024-01-07T13:35:19","slug":"how-to-access-sharepoint-entities-and-operations-using-rest-endpoints","status":"publish","type":"post","link":"https:\/\/www.kofrimpong.com\/how-to-access-sharepoint-entities-and-operations-using-rest-endpoints\/","title":{"rendered":"How to Access SharePoint Entities and Operations Using REST Endpoints"},"content":{"rendered":"\n
SharePoint exposes a REST interface that allows us to\nperform basic create, read, update, and delete (CRUD) operations on its entities.\nThese operations are performed by constructing a RESTful HTTP request, using\nthe OData standard, that corresponds to the client object model API you want to\nuse.<\/p>\n\n\n\n
Each SharePoint entity is exposed at an endpoint on the\nSharePoint site that you are targeting, and its metadata is represented in\neither XML or JSON format. This means, to perform any operation using a REST\nendpoint, you must know both the URL of the endpoint and the OData\nrepresentation of the SharePoint entity that is exposed at that endpoint.<\/p>\n\n\n\n
Endpoints that represents read operations are access using HTTP\nGET<\/strong> request. Endpoints that represents create operations map to HTTP POST<\/strong>.\nWhen you’re updating entities, you use PUT<\/strong> or MERGE<\/strong> HTTP request.\nUse the DELETE<\/strong> method to delete the entity. <\/p>\n\n\n\n I mentioned we can use PUT <\/strong>or MERGE <\/strong>request when updating entities, so which one is preferable? The answer is none, it depends on what you want to achieve. The MERGE<\/strong> method updates only the properties of the entity that you specify, while the PUT<\/strong> method replaces the existing entity with a new one that you supply.<\/p>\n\n\n\n All request to SharePoint endpoints will be authenticated. The method you will use to authenticate will vary based on how you are accessing the endpoints. <\/p>\n\n\n\n You need to get an access token when you use OAuth authentication. You cannot obtain an access token from code that is running on a browser client. You must obtain the access token from code that is running on a server. For more information about how you can obtain an access token, see\u00a0Context Token OAuth flow for SharePoint Add-ins<\/a>\u00a0and\u00a0Authorization Code OAuth flow for SharePoint Add-ins<\/a>.<\/p>\n\n\n\n To read information from a REST endpoint, you must know both the URL of the endpoint and the OData representation of the SharePoint entity that is exposed at that endpoint. You also need a valid OAuth access token. <\/p>\n\n\n\n You do not need the access token if you make this call from inside an add-in web, as you would in a SharePoint-hosted add-in. <\/p>\n\n\n\n This request would look a little different if you are writing your add-in in JavaScript while using the SharePoint cross-domain library. In this case, you don’t need to provide an access token. <\/p>\n\n\n\n You can create and update SharePoint entities by constructing RESTful HTTP requests to the appropriate endpoints, just as you do when you’re reading data. If you aren’t using OAuth to authorize your requests, these operations require the server’s request form digest value as the value of the\u00a0 In Provider-hosted add-ins that use OAuth, first retrieve the form digest value by making a POST request with an empty body to Another option is using the JavaScript cross-domain library. For provider hosted page, the HTTP requests will be from a remote webpage. For security, browsers do not allow JavaScript that is hosted on one domain to access resources on another domain. The JavaScript cross-domain library The table shows properties that are commonly used in HTTP requests for the SharePoint REST service.<\/p>\n\n\n\nRequest Authentication<\/i><\/a><\/h2>\n\n\n\n
Reading data with the SharePoint REST interface <\/i><\/a><\/h3>\n\n\n\n
HttpWebRequest endpointRequest =\n (HttpWebRequest)HttpWebRequest.Create(\n \"http:\/\/<site url>\/_api\/web\/lists\");\nendpointRequest.Method = \"GET\";\nendpointRequest.Accept = \"application\/json;odata=verbose\";\nendpointRequest.Headers.Add(\"Authorization\",\n \"Bearer \" + accessToken);\nHttpWebResponse endpointResponse =\n (HttpWebResponse)endpointRequest.GetResponse();<\/code><\/pre>\n\n\n\n
var executor = new SP.RequestExecutor(appweburl);\nexecutor.executeAsync(\n {\n url: appweburl +\n \"\/_api\/SP.AppContextSite(@target)\/web\/lists?@target='\" +\n hostweburl + \"'\",\n method: \"GET\",\n success: successHandler,\n error: errorHandler\n }\n);<\/code><\/pre>\n\n\n\n
Writing data by using the REST interface<\/i><\/a><\/h3>\n\n\n\n
X-RequestDigest<\/code> \u00a0header.\u00a0 <\/p>\n\n\n\n
jQuery.ajax({\n url: \"http:\/\/<site url>\/_api\/web\/lists\",\n type: \"POST\",\n data: JSON.stringify({ '__metadata': { 'type': 'SP.List' }, 'AllowContentTypes': true,\n 'BaseTemplate': 100, 'ContentTypesEnabled': true, 'Description': 'My list description', 'Title': 'Test' }\n),\n headers: { \n \"accept\": \"application\/json;odata=verbose\",\n \"content-type\": \"application\/json;odata=verbose\",\n \"content-length\": <length of post body>,\n \"X-RequestDigest\": $(\"#__REQUESTDIGEST\").val()\n },\n success: doSuccess,\n error: doError\n});<\/code><\/pre>\n\n\n\n
http:\/\/<site url>\/_api\/contextinfo<\/code> and extracting the value of the
d:FormDigestValue<\/code> node in the XML that the contextinfo endpoint returns.<\/p>\n\n\n\n
SP.RequestExecutor<\/code> handles getting and sending the form digest value for you. (It also handles the content-length value.)<\/p>\n\n\n\n
var executor = new SP.RequestExecutor(appweburl);\nexecutor.executeAsync(\n {\n url:\"http:\/\/<site url>\/_api\/web\/lists\",\n method: \"GET\",\n success: successHandler,\n error: errorHandler\n }\n);<\/code><\/pre>\n\n\n\n
Properties used in REST requests<\/i><\/a><\/h2>\n\n\n\n