SharePoint Online GetAppOnlyAuthentication suddenly stopped working

Kannan J 31 Reputation points
2021-06-10T09:57:12.497+00:00

Hi All,

Developed .Net application and hosted in Windows server 2012 r2. In application build by CSOM code for SharePoint Online.

Authentication: Added PnP Core package.
Used below coded to get authentication.

OfficeDevPnP.Core.AuthenticationManager.GetAppOnlyAuthenticatedContext(String siteUrl, String appId, String appSecret)

This code was working till last week suddenly it throws 401 Unauthorized error. After the windows security updates it's throw the error and application not working.

Checked & validated App Id and secret those valid and permission also available.

That same application works outside of the windows server 2012 r2. Also while try to connect SharePoint online in the IE it's not connecting. but other Office365 sites are open without any issues.

Below error message shown on IE if I tried to connect SharePoint Online site. 

This page can’t be displayed. Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://hostname again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.

We enabled TLS 1.2 on the server and tried but no luck, same issue occurs.

Thanks in Advance

Regards,
Kannan

Windows Server 2012
Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,532 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,697 questions
0 comments
Accepted answer
  1. MichaelHan-MSFT 18,016 Reputation points
    2021-06-11T02:36:31.81+00:00

    Hi @Kannan J ,

    The similar issue was asked here: https://learn.microsoft.com/en-us/answers/questions/401398/sharepoint-add-in-failure-to-acquire-app-only-toke.html?childToView=406335#answer-406335

    This could be related with TLS 1.2, you could refer to this article for more: https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/provider-hosted-app-pha-application-errors-tls-errors-and-401/ba-p/2273611

    104475-image.png

    You could refer to this post to add the supported cyphers for TLS 1.2: https://github.com/pnp/pnpframework/issues/336

    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Kannan J 31 Reputation points
    2021-06-11T13:56:17.763+00:00

    Hi @MichaelHan-MSFT

    Thank you for the quick response. This issue got resolved after update the TLS 1.2 Cipher suites.

    By using the [IISCrypto tool][1] and select these extra cyphers which solved our issue:

    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

    Thank you.

    Regards,
    Kannan.

    2 people found this answer helpful.