WPF Azure AD App registration Login + API request with Sharepoint Online problem

Damien 1 Reputation point
2019-11-08T00:58:27.213+00:00

I am trying to use an Azure AD App Registration with a WPF application to upload and download files using Sharepoint Online.

I used https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-windows-desktop to authenticate.

I have set up the login, and this works without problem. I get the tokens back. (Microsoft.Identity.Client 4.6)

I added the sharepoint graph API delegated "Sites.FullControl.All"

I tried using the nuget packages SharePointPnPCoreOnline and Microsoft.SharePointOnline.CSOM with the access token from the Azure AD login.

The App registration is created in the same tenant as the sharepoint.

No matter what I try, I cannot get this to work. (401 returned)

I want to CRUD files in a sharepoint List.

Have you any ideas, how I could solve this, examples? Or is there any docs for this?

Regards Damien

Azure Service Fabric
Azure Service Fabric
An Azure service that is used to develop microservices and orchestrate containers on Windows and Linux.
214 questions
Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,895 questions
0 comments No comments
{count} votes

5 answers

Sort by: Most helpful
  1. Shawn Fagan 1 Reputation point
    2019-11-08T01:11:17.793+00:00

    Try SharePoint App Only. From my understanding, SP PnP and CSOM don't use the Graph API, so the Azure App Registration will not work.

    https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs

    0 comments No comments

  2. Damien 1 Reputation point
    2019-11-08T07:29:34.093+00:00

    sfagan this doesn't work because the redirect URL is urn:ietf:wg:oauth:2.0:oob, which is not allowed

    0 comments No comments

  3. Shawn Fagan 1 Reputation point
    2019-11-08T11:56:50.53+00:00

    URL Redirect setting in SharePoint or your app? In SharePoint I have normally used http://localhost without issue.

    0 comments No comments

  4. Damien 1 Reputation point
    2019-11-09T20:59:58.987+00:00
    0 comments No comments

  5. Noah Zemp 1 Reputation point
    2019-12-10T11:46:28.1+00:00

    Hi Damien

    In my opinion using Graph API was a good idea, but I think problem is the Permission you gave your AAD App, because Sites are only the different Sites you have on Sharepoint, they contain other things like Lists and Drives(the place where files are saved). But they're not the actual Files you want to Access.

    So if you want to Access your Files i'd recommend using the permission/scope Files.ReadWrite.All.

    Regards Noah

    0 comments No comments