Integrating webforms to SharePoint using O365/OAuth authentication

Webform data can be saved on your agency-owned SharePoint lists. This is a safe and secure way to store your data as the data is sent straight to you rather than being kept locally in the nsw.gov.au Content Management System (CMS) by default. Webform data stored in the CMS is only retained for a short period of time as a safety measure. This ensures that the data you capture on your agency pages are solely owned by your agency.

As your agency's webforms are integrated with SharePoint, every submission is sent to your agency's data repository. That is your agency's SharePoint lists.

This document gives an overview of how this integration works. For webforms to be integrated, agency editors will need to:

1. submit a new feature request, and
2. setup the webform with the SharePoint details we provide.

How Is Data Transmitted?

nsw.gov.au has an API (Application Programming Interface) that allows webforms to integrate with Microsoft SharePoint.

This setup uses Office365/OAuth (authentication method) for SharePoint authorization. It uses Microsoft's REST API (Application Programming Interface) to submit lists to SharePoint.

We recommend this approach for any webform containing PIA information. With this integration, all webform data is sent securely to their Role-Based Access Control (RBAC) SharePoint lists.

High-Level Architecture

Access Restrictions

This is private API with restricted access only to nsw.gov.au platform.

Current Implementation

The API captures the JSON (format for storing and transporting data) request that is submitted in a form. The API invokes the Office365/OAuth server to retrieve an authorization code.

It uses the code to feed the submitted details into SharePoint list.  

How to integrate your webform to SharePoint with O365/OAuth authentication

Submit a new feature request

Firstly you will need to submit a new feature request if you would like your webform integrated to SharePoint with O365/OAuth authentication. You will need to provide your agency's SharePoint information in your request. That is, your agency's SharePoint OAuth server and SharePoint list information.

• SharePoint server URL: SharePoint URL of receiving server. For example: https://agency.sharepoint.com
• List Information: Site name (if any) and list name.
  For example, site name: https://agency.sharepoint.com/sites/AgencyDataSite and list name: AgencyNewsletterSubscribers.
• Details to connect with OAuth server
  • grant_type: client_credentials
  • resource -- Target resource where access token is requested. e.g. https://access.example.com

We will also require your client_id and client_secret to connect with your OAuth server. However, we will request this information from you in a secure manner. Do not include this in with your feature request.

• client_id: identifier of the client
• client_secret: ensures only approved clients (nsw.gov) can connect to your SharePoint. Clients do this by retrieving an access token.

Our Platform team will then set up the endpoints within MuleSoft using the provided SharePoint details. Afterwards, you will receive the endpoint details required on your webform in the CMS to complete the integration.

Set up your webform with the SharePoint endpoint details

Once you have the relevant end point for your SharePoint instance then you can set up your form.

1. Navigate to form settings on your webform in the CMS.
2. Click on the “Email/ Handlers” tab, then click on the “+Add handler button”.
3. Click on the “Remote post” link and a configuration sidebar will appear.
4. Enter the provided end point URL (cloudhub.io URL) in the Completed URL field.

5. Continue to configure the web form settings and then click Save once done.