How to setup a connection to Sharepoint with enterprise app and client secret - Stack Overflow

admin管理员组

文章数量:1023838

I'm trying to connect to sharepoint from a service. I already registered the app in Entra and succesfully made a connection to sharepoint when using a certificate. But the customer has provides us a clientsecret instead of a certificate. (still made in Entra, so this is not ACS if I understand correctly)

But I can't seem to find a method to provide a client secret for authentication in PnpCore. In Pnp.Framework there is a PnP.Framework.AuthenticationManager method that accepts a clientsecret, but then you must pass a user assertion token.

.ConfigureServices((hostContext, services) =>
{
    var configuration = hostContext.Configuration;

    services.AddPnPCoreAuthentication(
        options =>
        {
            var authOptions = new PnPCoreAuthenticationCredentialConfigurationOptions
            {
                ClientId = configuration.GetValue<string>("SharepointConnection:clientId"),
                TenantId = configuration.GetValue<string>("SharepointConnection:tenantId"),
                X509Certificate = new PnPCoreAuthenticationX509CertificateOptions
                {
                    StoreName = StoreName.My,
                    StoreLocation = StoreLocation.LocalMachine,
                    Thumbprint = configuration.GetValue<string>("SharepointConnection:thumbPrint")
                }
            };

            options.Credentials.Configurations.Add("SharepointAuth", authOptions);
            options.Credentials.DefaultConfiguration = "SharepointAuth";

            options.Sites.Add("SiteToWorkWith",
                new PnPCoreAuthenticationSiteOptions
                {
                    AuthenticationProviderName = "SharepointAuth"
                });
        });

})

I'm trying to connect to sharepoint from a service. I already registered the app in Entra and succesfully made a connection to sharepoint when using a certificate. But the customer has provides us a clientsecret instead of a certificate. (still made in Entra, so this is not ACS if I understand correctly)

But I can't seem to find a method to provide a client secret for authentication in PnpCore. In Pnp.Framework there is a PnP.Framework.AuthenticationManager method that accepts a clientsecret, but then you must pass a user assertion token.

.ConfigureServices((hostContext, services) =>
{
    var configuration = hostContext.Configuration;

    services.AddPnPCoreAuthentication(
        options =>
        {
            var authOptions = new PnPCoreAuthenticationCredentialConfigurationOptions
            {
                ClientId = configuration.GetValue<string>("SharepointConnection:clientId"),
                TenantId = configuration.GetValue<string>("SharepointConnection:tenantId"),
                X509Certificate = new PnPCoreAuthenticationX509CertificateOptions
                {
                    StoreName = StoreName.My,
                    StoreLocation = StoreLocation.LocalMachine,
                    Thumbprint = configuration.GetValue<string>("SharepointConnection:thumbPrint")
                }
            };

            options.Credentials.Configurations.Add("SharepointAuth", authOptions);
            options.Credentials.DefaultConfiguration = "SharepointAuth";

            options.Sites.Add("SiteToWorkWith",
                new PnPCoreAuthenticationSiteOptions
                {
                    AuthenticationProviderName = "SharepointAuth"
                });
        });

})

• sharepoint
• connection
• credentials
• pnp-core-sdk
• pnp-framework

Share Improve this question Follow asked Nov 19, 2024 at 13:43 F. IdeF. Ide 1322 bronze badges

Add a comment  | 

1 Answer 1

Sorted by: Reset to default 0

Client Secrets are not supported for app-only authentication. You MUST use a certificate. Note that this can be ANY certificate, i.e. including self-signed ones you (or your customer) created yourself, it does not need to be issued by authority.

The method that works with client secret is for delegated authentication.

I'm trying to connect to sharepoint from a service. I already registered the app in Entra and succesfully made a connection to sharepoint when using a certificate. But the customer has provides us a clientsecret instead of a certificate. (still made in Entra, so this is not ACS if I understand correctly)

But I can't seem to find a method to provide a client secret for authentication in PnpCore. In Pnp.Framework there is a PnP.Framework.AuthenticationManager method that accepts a clientsecret, but then you must pass a user assertion token.

.ConfigureServices((hostContext, services) =>
{
    var configuration = hostContext.Configuration;

    services.AddPnPCoreAuthentication(
        options =>
        {
            var authOptions = new PnPCoreAuthenticationCredentialConfigurationOptions
            {
                ClientId = configuration.GetValue<string>("SharepointConnection:clientId"),
                TenantId = configuration.GetValue<string>("SharepointConnection:tenantId"),
                X509Certificate = new PnPCoreAuthenticationX509CertificateOptions
                {
                    StoreName = StoreName.My,
                    StoreLocation = StoreLocation.LocalMachine,
                    Thumbprint = configuration.GetValue<string>("SharepointConnection:thumbPrint")
                }
            };

            options.Credentials.Configurations.Add("SharepointAuth", authOptions);
            options.Credentials.DefaultConfiguration = "SharepointAuth";

            options.Sites.Add("SiteToWorkWith",
                new PnPCoreAuthenticationSiteOptions
                {
                    AuthenticationProviderName = "SharepointAuth"
                });
        });

})

I'm trying to connect to sharepoint from a service. I already registered the app in Entra and succesfully made a connection to sharepoint when using a certificate. But the customer has provides us a clientsecret instead of a certificate. (still made in Entra, so this is not ACS if I understand correctly)

But I can't seem to find a method to provide a client secret for authentication in PnpCore. In Pnp.Framework there is a PnP.Framework.AuthenticationManager method that accepts a clientsecret, but then you must pass a user assertion token.

.ConfigureServices((hostContext, services) =>
{
    var configuration = hostContext.Configuration;

    services.AddPnPCoreAuthentication(
        options =>
        {
            var authOptions = new PnPCoreAuthenticationCredentialConfigurationOptions
            {
                ClientId = configuration.GetValue<string>("SharepointConnection:clientId"),
                TenantId = configuration.GetValue<string>("SharepointConnection:tenantId"),
                X509Certificate = new PnPCoreAuthenticationX509CertificateOptions
                {
                    StoreName = StoreName.My,
                    StoreLocation = StoreLocation.LocalMachine,
                    Thumbprint = configuration.GetValue<string>("SharepointConnection:thumbPrint")
                }
            };

            options.Credentials.Configurations.Add("SharepointAuth", authOptions);
            options.Credentials.DefaultConfiguration = "SharepointAuth";

            options.Sites.Add("SiteToWorkWith",
                new PnPCoreAuthenticationSiteOptions
                {
                    AuthenticationProviderName = "SharepointAuth"
                });
        });

})

• sharepoint
• connection
• credentials
• pnp-core-sdk
• pnp-framework

Share Improve this question Follow asked Nov 19, 2024 at 13:43 F. IdeF. Ide 1322 bronze badges

Add a comment  | 

1 Answer 1

Sorted by: Reset to default 0

Client Secrets are not supported for app-only authentication. You MUST use a certificate. Note that this can be ANY certificate, i.e. including self-signed ones you (or your customer) created yourself, it does not need to be issued by authority.

The method that works with client secret is for delegated authentication.

本文标签： How to setup a connection to Sharepoint with enterprise app and client secretStack Overflow