question

DamienBowden-3028 avatar image
0 Votes"
DamienBowden-3028 asked ·

WPF Azure AD App registration Login + API request with Sharepoint Online problem

I am trying to use an Azure AD App Registration with a WPF application to upload and download files using Sharepoint Online.

I used https://docs.microsoft.com/en-us/azure/active-directory/develop/tutorial-v2-windows-desktop to authenticate.

I have set up the login, and this works without problem. I get the tokens back. (Microsoft.Identity.Client 4.6)

I added the sharepoint graph API delegated "Sites.FullControl.All"

I tried using the nuget packages SharePointPnPCoreOnline and Microsoft.SharePointOnline.CSOM with the access token from the Azure AD login.

The App registration is created in the same tenant as the sharepoint.

No matter what I try, I cannot get this to work. (401 returned)

I want to CRUD files in a sharepoint List.

Have you any ideas, how I could solve this, examples? Or is there any docs for this?

Regards Damien

azure-active-directoryservice-fabric-standalone
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

5 Answers

sfagan avatar image
0 Votes"
sfagan answered ·

Try SharePoint App Only. From my understanding, SP PnP and CSOM don't use the Graph API, so the Azure App Registration will not work.

https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs


· Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DamienBowden-3028 avatar image
0 Votes"
DamienBowden-3028 answered ·

sfagan this doesn't work because the redirect URL is urn:ietf:wg:oauth:2.0:oob, which is not allowed

· Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

sfagan avatar image
0 Votes"
sfagan answered ·

URL Redirect setting in SharePoint or your app? In SharePoint I have normally used http://localhost without issue.

· Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DamienBowden-3028 avatar image
0 Votes"
DamienBowden-3028 answered ·

Hi Sfagen thanks for your answer. I solved this using Graph API

https://damienbod.com/2019/11/09/wpf-azure-ad-signin-with-sharepoint-online-api-call-using-graph-api/

· Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

NoahZemp avatar image
0 Votes"
NoahZemp answered ·

Hi Damien

In my opinion using Graph API was a good idea, but I think problem is the Permission you gave your AAD App, because Sites are only the different Sites you have on Sharepoint, they contain other things like Lists and Drives(the place where files are saved). But they're not the actual Files you want to Access.

So if you want to Access your Files i'd recommend using the permission/scope Files.ReadWrite.All.

Regards Noah

· Share
10 |1000 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.