Sharepoint authentication types

Update:

I confirm what I said in the previous post, Appian's default Connected system for Sharepoint Online uses "Granting access using SharePoint App-Only" type of authentication. Our issue is that the customer only allows "Azure AD app for app-only access" authentication, using a certificate and its private key. So no Client Secret. Therefore we are looking for a way to generate an integration with SPO customized to this constraint imposed by the customer.

Update:

I confirm what I said in the previous post, Appian's default Connected system for Sharepoint Online uses "Granting access using SharePoint App-Only" type of authentication. Our issue is that the customer only allows "Azure AD app for app-only access" authentication, using a certificate and its private key. So no Client Secret. Therefore we are looking for a way to generate an integration with SPO customized to this constraint imposed by the customer.

Would it be an option to not use the SP connected system, but a HTTP CS and oAuth?

Hi Gabriele, we had the same problem and we resolved it in this way:
In order to generate the client assertion (https://learn.microsoft.com/en-us/entra/msal/dotnet/acquiring-tokens/web-apps-apis/confidential-client-assertions), it's a JWT, (https://jwt.io/introduction) needed to retrieve the token from Microsoft IDP (learn.microsoft.com/.../v2-oauth2-client-creds-grant-flow), we created an Appian Plugin Function (docs.appian.com/.../Custom_Function_Plug-ins.html) that creates the Json Web Token. Then we used HTTP integrations to create folders/documents, check if a folder exists and so on. We used the REST API following the official Microsoft documentation (https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/working-with-folders-and-files-with-rest). It is not possible to use the OOTB connected system because it requires the parameter  "client secret", but this parameter is not used in "Azure AD app for app-only access".