question

SureshS-9649 avatar image
0 Votes"
SureshS-9649 asked SureshS-9649 answered

C# Programmatically Authenticate SharePoint Online account enabled with MFA.

Hi All,

We have developed web application in ASP.net C# and all the documents are storing in SharePoint Online. As per the requirement, the documents details should be
taken from SharePoint Online and display in the application. We have an account in SharePoint Online enabled with MFA feature. The code has been authentication. But I am getting error.

Code:

ClientContext ctx = new ClientContext(strSiteURL);
SecureString secureString = new SecureString();
strPassword.ToList().ForEach(secureString.AppendChar);
ctx.Credentials = new SharePointOnlineCredentials(strUserID, secureString);
Site site = ctx.Site;
ctx.Load(site);
ctx.ExecuteQuery();

Error:
The sign-in name or password does not match one in the Microsoft account system.

I want to authenticate the SharePoint Online via MFA enabled user credentials without the OTP prompt or call.

How can I make it possible?

Thanks & Regards
Suresh Sankaran

office-sharepoint-onlinesharepoint-devoffice-sharepoint-server-developmentsharepoint-workflow
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MichaelHan-MSFT avatar image
0 Votes"
MichaelHan-MSFT answered MichaelHan-MSFT commented

Hi @SureshS-9649,

With MFA enabled, the method using class SharePointOnlineCredentials with username and password for authentication would not work.

You have only two options:
1. Use user credentials with the OTP prompt or call. This needs to install the package SharePointPnPCoreOnline: https://www.nuget.org/packages/SharePointPnPCoreOnline.

 var authManager = new OfficeDevPnP.Core.AuthenticationManager();  
 // This method calls a pop up window with the login page and it also prompts  
 // for the multi factor authentication code.  
 ClientContext ctx = authManager.GetWebLoginClientContext(siteUrl);


2.Use app-only for authentication: https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs



If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi MichaelHan,

Thank you for the inputs. Is there any setting in "Admin" side to disable the OTP popup that when problematically authenticate MFA.

Regards
Suresh

0 Votes 0 ·

@SureshS-9649,
No, there is no such settings. Unless you disable the MFA.

0 Votes 0 ·
SureshS-9649 avatar image
0 Votes"
SureshS-9649 answered

Hi,

I have explored App only and App password. But App Password will be deprecated from October 22 onwards. Is there any other approach except App Only.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.