WPF Azure AD App registration Login + API request with Sharepoint Online problem

Damien 1 Reputation point
2019-11-08T00:58:27.213+00:00

I am trying to use an Azure AD App Registration with a WPF application to upload and download files using Sharepoint Online.

I used https://learn.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-windows-desktop to authenticate.

I have set up the login, and this works without problem. I get the tokens back. (Microsoft.Identity.Client 4.6)

I added the sharepoint graph API delegated "Sites.FullControl.All"

I tried using the nuget packages SharePointPnPCoreOnline and Microsoft.SharePointOnline.CSOM with the access token from the Azure AD login.

The App registration is created in the same tenant as the sharepoint.

No matter what I try, I cannot get this to work. (401 returned)

I want to CRUD files in a sharepoint List.

Have you any ideas, how I could solve this, examples? Or is there any docs for this?

Regards Damien

Azure Service Fabric
Azure Service Fabric
An Azure service that is used to develop microservices and orchestrate containers on Windows and Linux.
201 questions
Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,753 questions
No comments
{count} votes

5 answers

Sort by: Most helpful
  1. Shawn Fagan 1 Reputation point
    2019-11-08T01:11:17.793+00:00

    Try SharePoint App Only. From my understanding, SP PnP and CSOM don't use the Graph API, so the Azure App Registration will not work.

    https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs

    No comments

  2. Damien 1 Reputation point
    2019-11-08T07:29:34.093+00:00

    sfagan this doesn't work because the redirect URL is urn:ietf:wg:oauth:2.0:oob, which is not allowed

    No comments

  3. Shawn Fagan 1 Reputation point
    2019-11-08T11:56:50.53+00:00

    URL Redirect setting in SharePoint or your app? In SharePoint I have normally used http://localhost without issue.

    No comments

  4. Damien 1 Reputation point
    2019-11-09T20:59:58.987+00:00
    No comments

  5. Noah Zemp 1 Reputation point
    2019-12-10T11:46:28.1+00:00

    Hi Damien

    In my opinion using Graph API was a good idea, but I think problem is the Permission you gave your AAD App, because Sites are only the different Sites you have on Sharepoint, they contain other things like Lists and Drives(the place where files are saved). But they're not the actual Files you want to Access.

    So if you want to Access your Files i'd recommend using the permission/scope Files.ReadWrite.All.

    Regards Noah

    No comments