Home Help Center View - Digital Signage Custom Widgets OneDrive Image Slideshow Widget – Migration guide

OneDrive Image Slideshow Widget - Migration guide

The migration from Legacy Authentication to Microsoft Graph v2.0 with Secure Site Access provides a more secure and modern way to connect and manage your data sources. This update ensures improved security, better performance, and alignment with current Microsoft standards.

This functionality is supported for the widget Image Slideshow. By migrating to Microsoft Graph v2.0, these widgets can securely access and display data while maintaining reliable integration with your environment.

The Image Slideshow Widget can be downloaded from here:

http://http://install.gobright.cloud/temp/widget/Widget-OneDrive_SlideShow.gbexport

🚨 Urgent Migration Required

Legacy authentication methods will be retired. All widgets using password grant or broad permissions must be migrated to Microsoft Graph v2.0 with secure Sites.Selected permissions.

  • βœ… More secure authentication without storing user passwords
  • βœ… Production-ready and Microsoft recommended
  • βœ… Future-proof against authentication changes
  • βœ… Granular access control – sites only as needed

Secure SharePoint Approach

πŸ”’ Security-First Migration

This migration uses the SharePoint approach with Sites.Selected permissions for maximum security:

  • βœ… Granular access control – Access only to specifically configured SharePoint sites
  • βœ… Production-grade security – Microsoft-recommended approach for enterprise
  • βœ… Audit-friendly – Clear permissions and access tracking
  • βœ… Future-proof – Secure authentication without broad permissions

Note: Previously offered dual-path approach has been removed for security reasons. OneDrive approach with Files.Read.All would expose all files across the ecosystem.

Step 1: Create Azure AD App Registration
  1. Go to Azure Portal β†’ Azure Active Directory β†’ App registrations
  2. Click “New registration” and create your app

  3. Note your Application (client) ID and Directory (tenant) ID
  4. Go to “Certificates & secrets” β†’ Create new Client Secret
  5. Copy the secret value immediately (you won’t see it again)

Step 2: Configure API Permissions

Choose permissions based on your file access approach:

SharePoint Sites.Selected Permission (Secure):

  1. Go to “API permissions” in your app registration
  2. Add permission β†’ Microsoft Graph β†’ Application permissions
  3. Add: Sites.Selected
  4. Click “Grant admin consent”
# Required permission: Sites.Selected (Application Permission)

Step 3: Test Authentication

Verify your app credentials work with Microsoft Graph:

# PowerShell test script $clientId = “your-client-id” $clientSecret = “your-client-secret” $tenantId = “your-tenant-id” $body = @{ client_id = $clientId client_secret = $clientSecret scope = “https://graph.microsoft.com/.default” grant_type = “client_credentials” } $response = Invoke-RestMethod -Uri “https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token” -Method POST -Body $body Write-Output “Authentication successful! Token type: $($response.token_type)”

Step 4: Discover Your Site ID (for SharePoint Approach)

Use Microsoft Graph Explorer to find your site ID:

  1. Open Microsoft Graph Explorer
  2. Sign in with an account that has access to your SharePoint site
  3. Modify permissions to include Sites.Read.All or Sites.Selected
  4. Run this query (replace “YourSiteName” with your actual site name):
GET https://graph.microsoft.com/v1.0/sites?search=YourSiteName

The response will contain site information:

{ “value”: [ { “id”: “company.sharepoint.com,abc12345-def6-7890-abcd-123456789abc,def67890-abc1-2345-def6-789012345abc”, “displayName”: “Your Site Name”, “webUrl”: “https://company.sharepoint.com/sites/YourSiteName” } ] }

Copy the site ID – you’ll need it for both configuration and Sites.Selected setup.

Step 5: Configure Sites.Selected Permissions (for SharePoint Approach)

Grant your app access to specific SharePoint sites using Graph Explorer:

POST https://graph.microsoft.com/v1.0/sites//permissions { “roles”: [“read”], “grantedToIdentities”: [{ “application”: { “id”: “your-app-client-id”, “displayName”: “Your App Name” } }] }

Replace with your actual site ID from Step 4 and your-app-client-id with your Azure app’s client ID.

Success response indicates your app now has read access to that specific SharePoint site only.

Further in this article you can check the information for each Image Slideshow widget.

Image Slideshow Widget configuration

Purpose: Display rotating images from SharePoint folders with secure access control

There are three available configuration options for setting up the widget. It is recommended to use only one option at a time to ensure a clear and stable configuration.

Regardless of the option you choose, the first three fields – Tenant ID, Client ID, and Client Secret – are mandatory. These values remain the same and must be provided for all three configuration methods, as they establish the required connection and authentication.

Review the requirements for each of the three options listed below.

Option A (site selected)

If you choose to configure this option, you need to fill in the site name ID which is received via step 4.

Option B (site selected)

If you choose this option B, two fields are required. You need to complete the Hostname and the SharePoint Site Name.

Option C (read all)

In case you decide to complete this option, you should fill in only the Sharepoint Site Name.

Supported Image Types:

  • JPEG (.jpg, .jpeg)
  • PNG (.png)
  • GIF (.gif)

Features:

  • βœ… Automatic thumbnail generation
  • βœ… Image caching for performance
  • βœ… Direct download URLs
  • βœ… Metadata extraction (size, type, etc.)

🎯 Migration Summary

Your widget is now ready for production with modern, secure authentication:

  • βœ… Slideshow widgets: Display image collections from SharePoint with thumbnails
  • βœ… Security-first: Sites.Selected permissions for granular access control
  • βœ… Future-proof: Microsoft Graph v2.0 with client credentials
  • βœ… Enhanced performance: Optimized API calls and caching

This article comes from the Help Center of GoBright.

View original article

Welcome to the GoBright Help Center. Here you can find technical information about our products, installations and integrations. If you can’t find what you are looking for, don’t hesitate to contact GoBright Support.

Do you have a question?
Contact our Support colleagues.

Our Products

Room Booking System

Relaxed and worry-free meeting with room booking.
Find out more about Room Booking.

Desk Booking System

Take flexible working to the next level with desk booking software.
Find out more about Desk Booking.

Visitor Registration System

A professional and warm welcome for all your visitors.
Find out more about Visitor Registration.

Digital Signage Software

Show information to a specific target group, in the right place, at the right time.
Find out more about Digital Signage.

GoBright will be present at The Workplace Event in Birmingham; from 28 to 30 April 2026 - booth 3A/w12

Join Chris Wiegeraad at the Workplace Leaders’ Summit on April 28 at 14:30.

Register Now! TWE 2026
Chris The Workplace Event Workplace Leaders Summit