Saturday 29 December 2018

IT Governance in SharePoint

Applicable to SP 2013/2016/2019

How will you control the services that you offer? What will you provide with each service? What will you include in service-level agreements for each service? And how do you prevent proliferation of unmanaged servers? These questions should be answered as part of your IT governance plan.
Develop a good governance plan when you create an IT service to support SharePoint. A good governance plan ensures that the service meets the business needs of your organization securely and cost-effectively. When you add to the service, a good governance plan helps you do so seamlessly. A good governance plan to run a successful IT service should include:
  • A governance team defines the initial offerings of the service and its ongoing policies, and meets regularly to evaluate success.
  • The policies you develop are communicated to your organization and are enforced.
  • Users are encouraged to use the service and not create their own solutions. Installations are tracked and rogue installations are blocked.

What is a SharePoint service?

A SharePoint service is an IT service that offers hosted sites based on SharePoint. The benefits of a SharePoint service include backup and recovery, content storage, support for customization, security, and service levels based on speed and availability, as shown in the following illustration.

Elements of a successful service

As you plan and implement your SharePoint service, consider the following elements that can contribute to the success of the governing effort:
  • Form and use a governing group. Your IT service for SharePoint should be governed by a group that includes executive stakeholders, business division leaders, influential information workers, IT managers, and IT technical specialists, among others. The goal of the governing group should be to oversee the service. In this capacity, the governing group defines the initial offerings of the service, defines the service's ongoing policies, and meets regularly to evaluate success.
  • Communicate the policies. The governance policies that you develop must be publicized to your organization. Maintain a website that describes the service.
  • Encourage use of the service. Discourage or block users from deploying their own servers. Instead, encourage them to use the service. Isolated servers may not be configured according to IT security policy and the organization's regulatory requirements. Furthermore, users who deploy their own servers may not properly back up their servers or keep servers up to date with software patches and updates. Finally, content on servers that are not governed by the service may not be detected by the organization's indexing service, which may create isolated pockets of content.

What to govern in a SharePoint service

Determine limits and policies for the following areas.
Areas that should have limits or policies in a governance plan (area, then recommendation):
  • Security, infrastructure, and web application policies. How is the system and infrastructure maintained and who has access at what levels? What's the maximum upload size you want to allow? Are you controlling the use of fine-grained permissions?
  • Data protection (backup and recovery). Vary the level of data protection that you offer based on service levels. Plan how often you back up the farms and how quickly you can guarantee the data is restored.
  • Site policies. Use site policies to help control site proliferation. A site policy defines the life cycle of a site by specifying when the site will be closed and when it will be deleted. When you close or delete a site, any subsites are also closed or deleted. If an Exchange mailbox is associated with a site, the mailbox is deleted from Exchange Server 2013 when the site is deleted.
  • Quotas. Quota templates define how much data can be stored in a site collection and the maximum size of uploaded files. Associate different quota templates with site collections at different service levels.
  • Asset classification. Classify sites and content by value and impact of the content to the organization (such as high, medium, or low business value/impact). That classification then controls other requirements, such as encryption for high business impact information.
    • Impact = Exposure. If this leaks, will it hurt my business?
    • Value = Availability. If this isn't available, can my business run?

Service-level agreements

Your organization should create appropriate service-level agreements for each service you provide. A good service-level agreement should include:
  • The approval process, including the length of time and approvals necessary to create a site.
  • Costs for users or departments.
  • Operations-level agreement, which specifies which teams perform which operations and how frequently.
  • Policies around problem resolution through a support team.
  • Negotiated performance targets for first load of a site, subsequent loads, and performance at remote locations.
  • Recovery, load balancing, and failover strategies.
  • Customization policies.
  • Storage limits for content and sites.
  • How to handle inactive or stale sites.
  • Multilingual support.

Deployment governance

In addition to governing services that you offer, you also need to govern installations of SharePoint in your environment.
  • Track installations. An Active Directory Domain Services (AD DS) marker named Service Connection Point identifies the SharePoint servers in an organization. Set this marker for each domain in your organization if you want to track installations in all domains. See Track or block SharePoint Server 2010 installations.
  • Block installations. You can block installations of SharePoint Server 2016 to prevent users from installing it to unauthorized servers that you don't want to support. Use a Group Policy in Active Directory Domain Services (AD DS) to set a registry key on all servers to block installations. This registry key existed by default in SharePoint Server 2010, but is not included in SharePoint Server 2016. You can create it yourself in the registry if you want to block installations. See Track or block SharePoint Server 2010 installations.
  • Keep current with software updates. Keep your servers current. Test and install recommended software updates. See the Updates Resource Center for SharePoint Server 2016.
  • Site collection upgrades. Site collections can now be upgraded independently from the content databases. Determine who, when, and how to upgrade site collections when a new version or an update is available. See Plan for site collection upgrades in SharePoint 2013.

SharePoint hub sites

SharePoint hub sites help you organize your intranet. Getting the most value from hub sites requires some up-front planning.

Setting the stage
SharePoint hub sites provide an important building block for your intranet. They are the "connective tissue" you use when organizing families of team sites and communication sites together.
One of the key principles of modern intranets based on SharePoint is that each unit of work should get a separate site collection to optimally manage governance and growth over time. Each communication site and Office 365 group-connected team site is created as a site collection that can have its own permissions. A hub site (most commonly created from a communication site) should also be considered its own unit of work that brings together numerous other sites.
In the past, many organizations used subsites to create connective tissue for their intranets, using the site collection's shared navigation to connect sites and the hierarchical structure of subsite relationships to nest sites within sites. However, subsites don't give any room for flexibility and change. Since subsites are a physical construct reflected in the URL for content, if you reorganize your business relationships, you will break all the intranet relationships in your content. Subsites can also create challenges when it comes to governance because many features (including policy features like retention and classification) in SharePoint apply to all sites within the site collection, whether you want them to or not. This means that you must frequently enable a feature for the entire site collection, even if it's only applicable to one subsite.
What is the one thing that we can guarantee is going to happen in every business? Change! As your organization evolves, you need intranets that make it easy to align experiences with the way you work and that can adapt to the inevitable changes in the way you work. This is a key benefit provided by SharePoint hub sites; they model relationships as links, rather than hierarchy or ownership, so that you can adapt to the changes in the way you work in a dynamic, changing world.
Sites move between hub sites with organizational changes

Office 365 provides three main building blocks to help you create your intranet in a way that allows you to configure experiences that align with your business, your employees, and your readiness. Different organizations will use the building blocks in different ways, but the building blocks themselves reflect common patterns that organizations use to get work done:
  • Team sites (collaboration)
  • Communication sites (communication)
  • Hub sites (connection)
Hub building blocks

What should be a hub site?

Hub sites complement the search experience by helping you discover information in context.
One of the biggest challenges with intranet design is figuring out how the intranet navigation should be organized. In the new world where all team and communication sites are peer site collections, information architects must think about creating experiences that will allow intranet users to find what they need in multiple "find" scenarios:
  • I know it exists, and I know where it is
  • I know it exists, but I don't know where it is
  • I don't know if it exists
These scenarios are enabled with a combination of navigation, search, and discovery (or serendipity) and should be a factor in how you design and organize your hub sites. One of the important capabilities that hub sites enable is the serendipitous discovery of information because they can surface contextually relevant content from sites you may not follow but are associated with the hub. SharePoint Home was built to support discovery and search across the entire organization's content, but if you already have a particular context in mind, hub sites can be very helpful in narrowing those experiences down to a handful of related sites.
As a starting point in your hub planning, think about hub sites for key functions that your users need to get work done—for example: HR, Finance, Communications or Public Relations, Legal, and IT. These functions may be represented in different organizational departments or business units in large organizations or combined into the role of a few people in smaller organizations.
Let's take HR as an example. HR often encompasses the following sub-functions:
  • Benefits
  • Pay and compensation
  • Talent acquisition or recruiting
  • Performance management
  • Professional development or training
  • Manager portal
Using the guiding principle of creating a site for each unit of work, you can think about an HR family of sites that could include 6 functional sites for each of these functions plus an HR home that connects the related sites to provide an overall HR experience. This is another way to think about the value of hub sites: they allow you to create an experience that improves information discovery for a specific context (in our example, for employees looking for HR information).
HR hub
In the classic intranet model, you might have created an HR site and used subsites to support each HR function. In the new flat world of modern SharePoint sites, the HR family is connected using the HR hub to provide that connective tissue for navigation within the family and to provide an opportunity to serendipitously discover content on a related member of the family when users navigate to the HR home. For example, if you're on the HR hub reading a news announcement about open enrollment because you're in the process of onboarding a new employee, you might be happy to know that a new version of the "Welcome to the Company" onboarding toolkit was just released on the Talent Acquisition site. Likewise, if you're trying to find the HR team's office sharing policy, you'll appreciate being able to limit your search to only the HR-affiliated sites, rather than the entire company.
You don't have to have a hub site for every function. However, when a function provides multiple logically different services (as in the HR example), it's a good practice to create a hub site to provide a single starting place for your users. Often, intranet users start their exploration with browsing. Hub sites help combine the benefits of browsing ("I know this is an HR topic") with the benefits of a more narrowly scoped search ("I want to find information about vision benefits, not the company's strategic vision."). Even if the users don't know which sub-function provides a service, they can navigate to the HR hub and then, using the search scope provided by the hub, search (or navigate) within the HR hub to quickly find what they need.

Know how your audience will consume SharePoint hub sites

Your audience might consume SharePoint hub sites via the SharePoint home in Office 365—both the sites themselves and how news flows from hub to home. Also, consider SharePoint mobile apps, which could be used to access the hub home page, news, and navigation to associated sites. Consider the value of mobile app notifications. Encourage your users to stay connected on the go with the SharePoint mobile app. Make sure that you consider operating systems, screen sizes, resolution, and form factors. All modern sites, pages, news, and lists should work well across all of these, and some will reflow as people consume content on small devices.

Additional important considerations

  • Finding hubs if you have more than one. Hub sites are an important building block for your intranet. But for most organizations, hub sites are not going to provide the type of global navigation that intranet designers want. Here are some ways you can make your hub sites discoverable:
    • On SharePoint home. Pin your hub sites to the Featured links area of SharePoint home. Encourage all users to "follow" hub sites.
    • On the SharePoint mobile app. Hub sites can also be found on the SharePoint mobile app and are even more discoverable if users follow hub sites.
    • From the organization portal. If you have an existing organizational intranet or portal, you can link to your hub sites in your existing navigation.
    • On each hub site. Consider adding a link to your organizational portal home page on each hub site. Add the link to the organization portal ("home home") to the far right in your hub navigation to keep the primary focus of your hub site on the hub site context.
  • Reaching the right audience for news. Hub sites help you bring news to the right people at the right time and in the right context. News doesn't flow down to associated sites, just up from the associated site to the hub. If you want the broadest reach for your news, publish it to the hub site. To make hub news more visible, you may want to have two news web parts on your home page: one for news published on the hub home and another that includes news rolled up from associated sites (all or just selected sites).
  • Hub naming conventions. Think about naming conventions for hub sites to make them more discoverable. Some options include names such as HR Central, HR Hub, HR Portal. Try to choose a consistent naming convention for all hub sites.
  • Getting ready to hub. Once you have planned your hubs, you can transform an existing site (preferably a communication site) to become a hub site or create a new communication site and make it a hub site. Then, you can add and configure the web parts and navigation on the hub site to emphasize the hub capabilities.
  • Subsites. Hub sites solve many or most of the use cases for which you previously used subsites. We recommend using hub sites going forward to organize the sites in your intranet. However, subsites will continue to be supported as a classic feature, and we'll add the new team site template as a subsite option.

Microsoft Graph

Microsoft Graph is the gateway to data and intelligence in Microsoft 365. Microsoft Graph provides a unified programmability model that you can use to take advantage of the tremendous amount of data in Office 365, Enterprise Mobility + Security, and Windows 10.

You can use the Microsoft Graph API to build apps for organizations and consumers that interact with the data of millions of users. With Microsoft Graph, you can connect to a wealth of resources, relationships, and intelligence, all through a single endpoint: https://graph.microsoft.com

What's in the graph?
Microsoft Graph exposes REST APIs and client libraries to access data on the following:
  • Azure Active Directory
  • Office 365 services: SharePoint, OneDrive, Outlook/Exchange, Microsoft Teams, OneNote, Planner, and Excel
  • Enterprise Mobility and Security services: Identity Manager, Intune, Advanced Threat Analytics, and Advanced Threat Protection.
  • Windows 10 services: activities and devices
  • Education
Microsoft Graph connects all the resources across these services using relationships. For example, a user can be connected to a group through a memberOf relationship, and to another user through a manager relationship. Your app can traverse these relationships to access these connected resources and perform actions on them through the API.
You can also get valuable insights and intelligence about the data from Microsoft Graph. For example, you can get the popular files trending around a particular user, or get the most relevant people around a user.
Discover the possibilities in the relationships within Microsoft Graph.
An image showing the primary resources and relationships that are part of the graph

What can you do with Microsoft Graph?

You can use Microsoft Graph to build experiences around the user's unique context to help them be more productive. Imagine an app that...
  • Looks at your next meeting and helps you prepare for it by providing profile information for attendees, including their job titles and who they work with, as well as information about the latest documents and projects they're working on.
  • Scans your calendar, and suggests the best times for the next team meeting.
  • Fetches the latest sales projection chart from an Excel file in your OneDrive and lets you update the forecast in real time, all from your phone.
  • Subscribes to changes in your calendar, sends you an alert when you’re spending too much time in meetings, and provides recommendations for the ones you can miss or delegate based on how relevant the attendees are to you.
  • Helps you sort out personal and work information on your phone; for example, by categorizing pictures that should go to your personal OneDrive and business receipts that should go to your OneDrive for Business.

Performance considerations & Optimize PowerApps


Microsoft is working hard to improve the performance of all apps that run on the PowerApps platform. But you can follow the best practices in this topic to boost the performance of apps that you create.

When a user opens an app, it goes through these phases of execution before showing any user interface:
1.    Authenticates the user - Prompts the user, if that person has never opened the app before, to sign in with credentials for whatever connections the app needs. If the same user opens the app again, that person might be prompted again, depending on the organization’s security policies.
2.    Gets metadata - Retrieves metadata such as the version of the PowerApps platform on which the app runs and the sources from which it must retrieve data.
3.    Initializes the app - Performs any tasks specified in the OnStart property.
4.    Renders screens - Renders the first screen with controls that the app has populated with data. If the user opens other screens, the app renders them by using the same process.


Limit data connections


Don’t connect to more than 30 data sources from the same app. Apps prompt new users to sign in to each connector, so every additional connector increases the amount of time that the app needs to start. As an app runs, each connector requires CPU resources, memory, and network bandwidth when the app requests data from that source.
You can quickly measure your app’s performance by turning on Developer Tools in Microsoft Edge or Google Chrome while running the app. Your app is more likely to take longer than 15 seconds to return data if it frequently requests data from more than 30 data sources, such as Common Data Service for Apps, Azure SQL, SharePoint, and Excel on OneDrive.

Limit the number of controls

Don’t add more than 500 controls to the same app. PowerApps generates an HTML DOM to render each control. The more controls you add, the more generation time PowerApps needs.
You can, in some cases, achieve the same result and have the app start faster if you use a gallery instead of individual controls. In addition, you might want to reduce the number of control types on the same screen. Some controls (such as PDF viewer, data table, and combo box) pull in large execution scripts and take longer to render.

Optimize the OnStart function

Use the ClearCollect function to cache data locally if it doesn’t change during the user session. Also, use the Concurrent function to load data sources simultaneously.
As this reference topic demonstrates, you can use Concurrent to cut the amount of time an app needs to load data in half.
Without the Concurrent function, this formula loads each of four tables one at a time:

ClearCollect( Product, '[SalesLT].[Product]' );
ClearCollect( Customer, '[SalesLT].[Customer]' );
ClearCollect( SalesOrderDetail, '[SalesLT].[SalesOrderDetail]' );
ClearCollect( SalesOrderHeader, '[SalesLT].[SalesOrderHeader]' )


You can enclose the same formula in the Concurrent function to reduce the overall time that the operation needs:

Concurrent(
        ClearCollect( Product, '[SalesLT].[Product]' ),
        ClearCollect( Customer, '[SalesLT].[Customer]' ),
        ClearCollect( SalesOrderDetail, '[SalesLT].[SalesOrderDetail]' ),
        ClearCollect( SalesOrderHeader, '[SalesLT].[SalesOrderHeader]' ) )


Cache lookup data
Use the Set function to cache data from lookup tables locally to avoid repeatedly retrieving data from the source. This technique optimizes performance if the data probably won’t change during a session. As in this example, the data is retrieved from the source once and then referenced locally after that until the user closes the app.

Set(CustomerOrder, LookUp(Order, id = "123-45-6789"));
Set(CustomerName, CustomerOrder.Name);
Set(CustomerAddress, CustomerOrder.Address);
Set(CustomerEmail, CustomerOrder.Email);
Set(CustomerPhone, CustomerOrder.Phone);
Contact information doesn’t change frequently, and neither do default values and user information. So you can generally use this technique with the Defaults and User functions also.

Avoid controls dependency between screens
If a control’s value depends on the value of a control on a different screen, manage the data by using a variable, a collection, or a data-source reference.

Use global variables
To pass the app’s state from one screen to another, create or modify a global variable value by using the Set function instead of by using the Navigate and UpdateContext functions.

Use delegation
Where possible, use functions that delegate data processing to the data source instead of retrieving data to the local device for processing. If an app must process data locally, the operation requires much more processing power, memory, and network bandwidth, especially if the data set is large.

For example, SharePoint lists support delegation from the Filter function but not the Search function. So you should use Filter instead of Search to find items in a gallery if the SharePoint list contains more than 500 items. For more tips, see Working with large SharePoint lists in PowerApps (blog post).

Use Delayed Load
Turn on the experimental feature for Delayed Load if your app has more than 10 screens, no rules, and many controls that are on multiple screens and that are directly bound to the data source. If you build this type of app and don’t enable this feature, app performance may suffer because the controls in all screens must be populated even on screens that aren’t open. Also, all screens of the app must be updated whenever the data source changes, such as when the user adds a record.

Working with large data sets
Use data sources and formulas that can be delegated to keep your apps performing well while users can access all the information they need, and avoid hitting the data row limit of 2000 for non-delegable queries. For data-record columns on which users can search, filter, or sort data, make sure that the indexes on those columns are designed well, as these docs describe for SQL Server and SharePoint.

Republish apps regularly
Republish your apps (blog post) to get performance improvements and additional features from the PowerApps platform.

What is PowerApps

PowerApps is a service that lets you build business apps that run in a browser or on a phone or tablet, and no coding experience is required.


  • The objective of PowerApps is to enable business users to build new capabilities via apps, without requiring that they have code expertise. Microsoft touts an intuitive visual design for PowerApps, with drag-and-drop functionality and a familiar look and feel taken from applications like PowerPoint.
  • PowerApps has connections to various Microsoft-based and third-party applications, including Microsoft SQL Server, SharePoint and OneDrive in the Office 365 productivity suite, as well as Dropbox, Google Docs, SAP, Oracle and Dynamics CRM.


Can I use PowerApps if I have SharePoint on premises?

  • Yes. PowerApps is a cloud-based tool, so you would need to have your AD connected into Office 365 to assign licenses and use PowerApps. After your users have a license to use PowerApps, you can install an “On-Prem Gateway” on your SharePoint Server and then register it to your Office 365 tenant. You can then use that gateway to access all your information in SharePoint like you normally would in PowerApps.


Can I add conditional logic to a form? (Show and hide columns)

  • Yes. One of the biggest things with InfoPath was the ability to show and hide columns based on rules in the form. PowerApps allows you to add logic to your controls within your forms so you can not only show/hide, but you can also change colors, disabled/enabled, spacing, etc. It’s not the same controls as InfoPath, but PowerApps has been working on their logic within forms to make it easier. After you learn how to add conditional logic into a PowerApp, it is very repeatable and simple.


Can I have a PowerApp replace the normal SharePoint list form?

  • Yes. This feature was announced at Ignite 2017 and will be coming out soon to first release users. This feature will only be available in the modern experience so classic users will not be able to change their forms with PowerApps. If you are using the modern experience for lists, you can go into List Settings->Form Settings-> “Use a custom form in PowerApps”, customize the PowerApp form, and it will automatically save back to the list. Doing this will allow you to have a new and customized view/edit form, just like you would have with InfoPath.


Can I migrate my InfoPath forms to PowerApps?

  • No. Your custom InfoPath forms would have to be remade in PowerApps. It sounds daunting, but with PowerApps’ new tools, you can transform your basic InfoPath form into an efficient PowerApp to streamline your processes.


What if PowerApps is not perfect for you?

  • Just like with InfoPath, PowerApps fits many needs, but sometimes companies cannot use PowerApps or it might not be the best tool for the job. If you are looking for a very similar user experience to InfoPath on both the frontend and backend, I suggest a third-party tool like Nintex. Nintex not only gives you an InfoPath-like interface that some might be used to, but it also allows you to easily create mobile and complex forms.

3 things to know about PowerApps as an InfoPath successor

The wait is over — Microsoft has now designated PowerApps as the successor to InfoPath. On the occasion of PowerApps being released to general availability this week, here’s our take.

1. PowerApps was not intended as an InfoPath replacement but has been pulled into that role

The Original Story
When it was first introduced in November 2015, the SharePoint community lit up with speculation this might be the long-awaited replacement for InfoPath. Microsoft worked to dispel this perception, even to the point of denial. From an early Office dev center blog on PowerApps:
“… you might naturally ask the question whether this is intended as a replacement for InfoPath or SharePoint Designer. It’s a fair question, but the short answer is ‘no.’”
Dan Holme concurred:
“PowerApps does not replace InfoPath and SharePoint Designer. It creates an entirely new class of capability….”
All indications are that PowerApps was not intended as an InfoPath replacement — including the way the word ‘forms’ was so carefully avoided in its roll-out.

The New Story
For the first three quarters of 2016 the silence from Microsoft on InfoPath replacement remained deafening. Then at Ignite 2016 Formotus first started talking about PowerApps as being a successor to InfoPath.
In this interview from Ignite, Microsoft Senior Product Manager Chris McNulty said:
“We’ve talked about ‘we want you to get off InfoPath’ but we never gave you a good answer before. We’ve really learned from that. And now we have the answer, and the answer is PowerApps and Flow. They are the successor to the InfoPath / SharePoint Designer model.”
This week Microsoft announced the general availability of PowerApps and Flow, and at the same time on its SharePoint blog made the most definitive statement to date about these new products being the designated replacements for InfoPath:
“PowerApps and Microsoft Flow are tools for business users to build business applications and automation in SharePoint today and tomorrow. They are the successors to InfoPath and SharePoint Designer for many common business scenarios, especially custom forms used on SharePoint lists.”

2. PowerApps is not a SharePoint-first or browser-first offering

If you aren’t yet familiar with PowerApps, here’s a little background:
  • It is a product of Azure, not SharePoint. It has close ties to Dynamics 365 and an underlying goal of promoting the use of the Common Data Service (aka Common Data Model).
  • Its full-power design tool is a Windows (Win32) application, with a browser-based version being developed after.
  • Its full-featured clients are mobile apps, with browser-based form filling promised on the roadmap.

So PowerApps was invented as a Windows application to design mobile apps that consume Azure services. The idea that it will also be used as a browser-based interface to modern SharePoint lists has been a later development.
There’s an interesting historical parallel here, because InfoPath itself was not originally intended for designing web-based forms for SharePoint. But SharePoint needed such a tool, and InfoPath was ultimately pulled in to fill that role. Now it’s PowerApps’ turn.

3. PowerApps only partially replaces InfoPath

The integration with SharePoint is clearly focused on providing a rich user interface to data in SharePoint lists. While list UI has been a common use for InfoPath in the SharePoint community, it’s important to note that it’s only one of many uses for InfoPath. (In this sense PowerApps might more precisely be called a replacement for FoSL — the Forms on SharePoint Lists project announced in January 2014 and later discontinued.)
Microsoft has clearly been giving caveats. The slide at Ignite read:
“PowerApps is the successor for forms scenarios, but doesn’t seek feature parity with InfoPath.”
Chris McNulty said in his presentation:
“There are some scenarios InfoPath excels at — the offline access, those rich XML document scenarios — these you should continue to use.”
So while Microsoft is developing PowerApps as the new best way to create rich user interfaces for SharePoint lists, they are not promising to replace other scenarios in which InfoPath is commonly used.
InfoPath Scenarios not supported by PowerApps
If you use InfoPath for any of the following scenarios, PowerApps is not recommended, even by Microsoft, as a replacement:
  • Offline scenarios in which InfoPath Filler can be used without an Internet connection.
  • Rich XML document scenarios in which forms can be moved, shared, reopened, edited, or processed for data.
  • Wider audience scenarios in which users outside the organization are filling the forms. PowerApps only supports appropriately licensed users in the same organization.

For these kinds of scenarios, there is no reason to believe that Microsoft will be providing any new alternative to InfoPath, so it’s probably time to get serious about investigating third-party solutions.

Sunday 22 July 2018

Work with __REQUESTDIGEST in REST API

SharePoint 2013 (and previous versions) uses a client-side “token” to validate posts back to SharePoint, which prevents attacks where the user might be tricked into posting data back to the server (cross-site request forgery, CSRF). This token is known by many names: form digest, message digest, or request digest. The token is unique to a user and a site and is only valid for a (configurable) limited time.
 
When executing non-GET REST requests to the SharePoint API, you must add a valid request digest to your request. This digest proves validity of your request to SharePoint. Because this token is valid only for a limited period of time, you have to ensure that the token you have is valid before adding it to your request or the request fails. 

In classic pages, SharePoint includes a request digest token on the page in a hidden field named __REQUESTDIGEST. One of the most common approaches to work with the request digest is to obtain it from that field and add it to the request, for example:

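// Read the digest that SharePoint rendered into the classic page's hidden field.
var digest = $('#__REQUESTDIGEST').val();
$.ajax({
    url: '/_api/web/...',
    method: "POST",
    headers: {
        "Accept": "application/json; odata=nometadata",
        // SharePoint rejects non-GET requests that lack a valid digest.
        "X-RequestDigest": digest
    },
    success: function (data) {
      // ...
    },
    error: function (data, errorCode, errorMessage) {
      // ...
    }
});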

Such a request would work initially, but if the user has the page open for a longer period of time, the request digest on the page expires and the request fails with a 403 FORBIDDEN result. By default, a request digest token is valid for 30 minutes, so before using it, you have to ensure that it's still valid. In the past you had to do this manually, by comparing the timestamp from the request digest with the current time.
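
The manual check described above, as an added example that is not part of the original post: it reads the issue time from the digest, treats the digest as expired shortly before the 30-minute default, and otherwise asks /_api/contextinfo for a new one. The digest layout (token, comma, UTC timestamp), the function names, the 60-second safety margin and the sample value are assumptions made for this example.

```javascript
// Added example; function names are hypothetical, not a SharePoint API.
// Assumed digest layout: "<token>,<dd Mon yyyy HH:mm:ss -0000>" (issue time in UTC).
const MONTHS = ["Jan", "Feb", "Mar", "Apr", "May", "Jun",
                "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"];

// Constructed sample value; the token part is a placeholder, not a real digest.
const SAMPLE_DIGEST = "0x0000EXAMPLE,22 Jul 2018 10:00:00 -0000";

// Returns the issue time in epoch milliseconds, or null if the value is malformed.
function parseDigestIssuedAt(digest) {
  if (typeof digest !== "string") return null;
  const comma = digest.indexOf(",");
  if (comma < 0) return null;
  const m = /^(\d{1,2}) ([A-Za-z]{3}) (\d{4}) (\d{2}):(\d{2}):(\d{2}) -0000$/
    .exec(digest.slice(comma + 1).trim());
  if (!m) return null;
  const month = MONTHS.indexOf(m[2]);
  if (month < 0) return null;
  const ms = Date.UTC(+m[3], month, +m[1], +m[4], +m[5], +m[6]);
  // Reject impossible dates such as "31 Feb", which Date.UTC would roll over.
  if (new Date(ms).getUTCDate() !== +m[1]) return null;
  return ms;
}

// A digest is usable only if it parses and is younger than the timeout minus a
// safety margin. The margin covers request latency and small clock differences
// between browser and server. Malformed values fail closed.
function isDigestFresh(digest, nowMs, timeoutSeconds = 1800, marginSeconds = 60) {
  const issuedAt = parseDigestIssuedAt(digest);
  if (issuedAt === null) return false;
  const ageSeconds = (nowMs - issuedAt) / 1000;
  return ageSeconds < timeoutSeconds - marginSeconds;
}

// Default refresh: POST to the contextinfo endpoint of the current site.
// The site-relative URL assumes the site lives at the root of the host.
async function postContextInfo() {
  const res = await fetch("/_api/contextinfo", {
    method: "POST",
    credentials: "same-origin",
    headers: { "Accept": "application/json; odata=nometadata" }
  });
  if (!res.ok) throw new Error("contextinfo request failed: " + res.status);
  return res.json(); // carries FormDigestValue and FormDigestTimeoutSeconds
}

// Returns the current digest while it is fresh, otherwise a newly issued one.
// requestContextInfo is injectable so the logic can be exercised offline.
async function getValidDigest(currentDigest, nowMs = Date.now(),
                              requestContextInfo = postContextInfo) {
  if (isDigestFresh(currentDigest, nowMs)) return currentDigest;
  const info = await requestContextInfo();
  if (!info || parseDigestIssuedAt(info.FormDigestValue) === null) {
    throw new Error("contextinfo did not return a usable FormDigestValue");
  }
  return info.FormDigestValue;
}
```

Call getValidDigest with the value of the __REQUESTDIGEST field right before each non-GET request and send the result in the X-RequestDigest header.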