OpenID Connect for SharePoint Online

Suresh S 1 Reputation point
2022-06-22T09:56:21.507+00:00

Hi All,

Is Open ID Connect good for SharePoint O365?

I am looking for a feasible approach to authenticate/connect to the MFA-enabled SharePoint O365 via a program. Please share your thoughts and inputs.

Regards
Suresh S


4 answers

  1. sadomovalex 3,631 Reputation points
    2022-06-22T15:02:27.79+00:00

    authenticate/connect the MFA enabled SharePoint O365 via program

    Before going with OpenID, one question: do you need to run your code under delegated permissions (on behalf of some user), or is it OK to run it under application permissions? In the latter case, the regular approach is to register a new app in Azure AD (which is behind your SP Online), then for this app add API permissions > SharePoint (there are several different permissions; check what is needed for your scenario), grant admin consent, and then generate a client secret. After that you may use the clientId/secret to connect to SPO (MS also recommends nowadays using an SSL certificate instead of a client secret, but it is a bit more complex. You may start with a client secret as well).
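The app-only flow described in the answer above, as an added example that is not part of the original answer or any Microsoft sample: it builds the OAuth 2.0 client-credentials token request for an Azure AD app registration and checks whether a token carries application permissions (`roles` claim) or delegated permissions (`scp` claim). The tenant `contoso`, the `<client-id>`/`<client-secret>` placeholders, the helper names and the sample tokens are assumptions constructed for illustration.

```python
import base64
import json
from urllib.parse import urlencode

AUTHORITY = "https://login.microsoftonline.com"


def build_token_request(tenant, client_id, client_secret, sharepoint_host):
    """Return (url, form_body) for an app-only (client-credentials) token request."""
    url = f"{AUTHORITY}/{tenant}/oauth2/v2.0/token"
    form = {
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,  # load from a secret store, never hard-code
        "scope": f"https://{sharepoint_host}/.default",  # permissions configured on the app
    }
    return url, urlencode(form)


def token_claims(jwt):
    """Decode the payload of a compact JWT for inspection (signature NOT verified)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def permission_type(claims):
    """'delegated' if user scopes are present, 'application' if only app roles are."""
    if claims.get("scp"):
        return "delegated"
    return "application" if claims.get("roles") else "none"


def make_sample_token(claims):
    """Build a constructed token with a fake signature so the example runs offline."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(claims), "constructed"])


# Constructed sample tokens (contoso is a placeholder tenant).
APP_TOKEN = make_sample_token({"aud": "https://contoso.sharepoint.com", "roles": ["Sites.Read.All"]})
USER_TOKEN = make_sample_token({"aud": "https://contoso.sharepoint.com", "scp": "AllSites.Read"})

if __name__ == "__main__":
    url, body = build_token_request("contoso.onmicrosoft.com", "<client-id>", "<client-secret>", "contoso.sharepoint.com")
    print(url, body, sep="\n")
    for tok in (APP_TOKEN, USER_TOKEN):
        print(permission_type(token_claims(tok)))
```

`token_claims` only decodes the payload and does not validate the signature, so it is suitable for checking what was granted during setup, not for making authorization decisions.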


  2. Tong Zhang_MSFT 9,141 Reputation points
    2022-06-24T08:34:44.627+00:00

    Hi @Suresh S ,

    I agree with sadomovalex's answer. According to my research and testing, you can connect to SharePoint Online by getting the Client Id/Secret. You can refer to the following article to use Client Id/Secret:

    https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs

    Hope it can help you. Thanks for your understanding.





  3. Yasser Eid Abdel Moaty Ewais 1 Reputation point
    2022-06-26T03:36:31.723+00:00

    In SharePoint 2019 and prior versions, SharePoint Server supported three types of authentication methods:

    - Windows authentication (NTLM, Kerberos, etc.)
    - Forms-based authentication
    - SAML 1.1-based authentication

    With this new capability, you can now set up an OIDC-enabled SPTrustedIdentityTokenIssuer that works with a remote identity provider to enable OIDC authentication.


  4. Suresh S 1 Reputation point
    2022-07-07T00:01:54.72+00:00

    I am getting the below issue when using the App Only authentication.

    Exception Message: Could not load file or assembly 'Microsoft.SharePoint.Client, Version=16.1.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)

    I have included this "OfficeDevPnP.Core.dll".