Hi
In my company I/T has just set up a new Sharepoint 2019 OnPremise, that is hybrid, using Azure AD for authentication.
I'm a site collection admin for my Sharepoint site collection. Let's say the URL to Sharepoint is https://aymeric.sp.my-company.com (only accessible from inside our network).
When I access this URL I'm automatically redirected to https://login.microsoftonline.com/TENANT-ID/wsfed?wa=wsignin1.0&wtrealm=urn%3aSharepoint%3afederation&wctx=https%3a%2f%2faymeric.sp.my-company.com%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&wreply=https%3a%2f%2faymeric.sp.my-company.com%2f_trust%2fdefault.aspx&sso_nonce=AQABAAAAAABeAFzDwllzTYGDLh_qYbH87qVvvwM4pLiqYXloFo6Il7_-ry9WsQiAA&client-request-id=8dacdcfb-c68f-4ec2-a3e7-7760cecf3699&mscrid=8dacdcfb-c86f-4ec2-a3e7-7760cecf3699 – I'm automatically identified and redirected back to Sharepoint with the correct profile.
One of my I/T contact gave me the below information:
Now I'm trying to access to Sharepoint Web Services (like https://aymeric.sp.my-company.com/_vti_bin/UserProfileService.asmx or another one) using JavaScript and a Node app (node index.js). I'm using this technique with a Sharepoint 2013 OnProm and I have no issue: I just pass my credentials using https://github.com/s-KaiNet/node-sp-auth and it just works.
If I try to access the SP 2019 Web Services in the browser, it just works too.
But using a Node app with this Sharepoint Hybrid based on Azure AD I cannot find how to pass credentials… What to send? How to authenticate? Do I need to use an Azure AD App to connect to my Sharepoint OnProm? If yes, how to configure? Should I just send an "Authentication" header with a "Bearer" and an access token: if yes, how to get this access token?
Whatever I try (and I tried dozen and dozen of things) I always end with (in best cases) an error 403 "Access denied. You do not have permission to perform this action or access this resource.".
I discussed with my I/T contact and he doesn't know how to help. He told me to use a Sharepoint App of my site collection, and not an Azure App. But if I try to connect with a Sharepoint App I got "AADSTS700016: Application with identifier '2a919657-3f38-43d4-a6ac-3a9f4fdedf9e' was not found in the directory 'TENANT-ID'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant."
Any help would be appreciated.
Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 69%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAD%3C/text%3E%3C/svg%3E)