WPF Azure AD App registration Login + API request with Sharepoint Online problem

Damien 1 Reputation point MVP

I am trying to use an Azure AD App Registration with a WPF application to upload and download files using Sharepoint Online.

I used https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-windows-desktop to authenticate.

I have set up the login, and this works without problem. I get the tokens back. (Microsoft.Identity.Client 4.6)

I added the sharepoint graph API delegated "Sites.FullControl.All"

I tried using the nuget packages SharePointPnPCoreOnline and Microsoft.SharePointOnline.CSOM with the access token from the Azure AD login.

The App registration is created in the same tenant as the sharepoint.

No matter what I try, I cannot get this to work. (401 returned)

I want to CRUD files in a sharepoint List.

Have you any ideas, how I could solve this, examples? Or is there any docs for this?

Regards Damien

Azure Service Fabric
Azure Service Fabric
An Azure service that is used to develop microservices and orchestrate containers on Windows and Linux.
253 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,070 questions
0 comments No comments
{count} votes

5 answers

Sort by: Most helpful
  1. Shawn Fagan 1 Reputation point

    Try SharePoint App Only. From my understanding, SP PnP and CSOM don't use the Graph API, so the Azure App Registration will not work.


    0 comments No comments

  2. Damien 1 Reputation point MVP

    sfagan this doesn't work because the redirect URL is urn:ietf:wg:oauth:2.0:oob, which is not allowed

    0 comments No comments

  3. Shawn Fagan 1 Reputation point

    URL Redirect setting in SharePoint or your app? In SharePoint I have normally used http://localhost without issue.

    0 comments No comments

  4. Damien 1 Reputation point MVP
    0 comments No comments

  5. Noah Zemp 1 Reputation point

    Hi Damien

    In my opinion using Graph API was a good idea, but I think problem is the Permission you gave your AAD App, because Sites are only the different Sites you have on Sharepoint, they contain other things like Lists and Drives(the place where files are saved). But they're not the actual Files you want to Access.

    So if you want to Access your Files i'd recommend using the permission/scope Files.ReadWrite.All.

    Regards Noah

    0 comments No comments