Get user identity and properties in SharePoint

Retrieve user identity and user information in SharePoint.

Note The name "apps for SharePoint" is changing to "SharePoint Add-ins". During the transition, the documentation and the UI of some SharePoint products and Visual Studio tools might still use the term "apps for SharePoint". For details, see New name for apps for Office and SharePoint.

There are different ways to retrieve user identity and information, depending on what information you want to retrieve. This article shows you some of the ways you can accomplish that.

Prerequisites for retrieving user identity and properties

Note For guidance on how to setup a development environment that fits your needs, see Get started creating provider-hosted SharePoint Add-ins.

Core concepts to know for retrieving user identity and properties

The following table lists some useful articles that can help you to understand the concepts involved in creating SharePoint Add-ins.

**Article ** Description
Add-in permissions in SharePoint Learn about SharePoint add-in permissions for working with SharePoint, including types of add-in permissions, permission request scopes, and managing permissions. This article also discusses the differences in add-in permission rights, and user rights.
Context Token OAuth flow for SharePoint Add-ins Learn about the OAuth authentication and authorization flow for cloud-hosted add-ins.
Get started creating provider-hosted SharePoint Add-ins Learn how to create a basic provider-hosted SharePoint Add-in with the Office Developer Tools for Visual Studio 2012, how to interact with Microsoft SharePoint sites by using the SharePoint CSOM, and how to implement OAuth in a SharePoint Add-in.

Retrieving current website user identity

The easiest way to retrieve the identity of the current user of the website is via the Web object. With the TokenHelper.cs file in your project, you can get the current website user identity using the following code snippet.

ClientContext clientContext =
                        sharepointUrl.ToString(), accessToken);

            //Load the properties for the Web object.
            Web web = clientContext.Web;

            //Get the site name.
            siteName = web.Title;

            //Get the current user.
            currentUser = clientContext.Web.CurrentUser.LoginName;
  • If you are using Office 365, the login name you get is similar to i:0#.f|membership|

  • If you are using Microsoft SharePoint on-premises and the user is logged in as a normal user using NTLM, the login name you get is similar to i:0#.w|contoso\adam.

  • If you are using SharePoint on-premises and the user is logged in using a farm account, the login name you get is SHAREPOINT\System.

Retrieving user identity using the ResolvePrincipal method

The following is another way to retrieve user's login name. If you have the user's email address or display name, you can use the ResolvePrincipal method to get the user's login name.

Note The APIs are in the Microsoft.SharePoint.Client.Utilities namespace in the Microsoft.SharePoint.Client.dll assembly.

The following is sample code to show how to get the user login information.

ClientResult<Microsoft.SharePoint.Client.Utilities.PrincipalInfo> persons = Microsoft.SharePoint.Client.Utilities.Utility.ResolvePrincipal(clientContext, clientContext.Web, <email>, Microsoft.SharePoint.Client.Utilities.PrincipalType.User, Microsoft.SharePoint.Client.Utilities.PrincipalSource.All, null, true);
                    Microsoft.SharePoint.Client.Utilities.PrincipalInfo person = persons.Value;

The Person.LoginName value gives the login information.

Retrieving user identity and profile properties

If you want to retrieve the user's identity and properties, you can use the OAuth token and the social features APIs. First get the OAuth token and then set it to the client context. The following sample code shows how to get the user profile properties.

ClientContext clientContext = new ClientContext(<sharepointurl>);
clientContext.AuthenticationMode = ClientAuthenticationMode.Anonymous;
clientContext.FormDigestHandlingEnabled = false;
clientContext.ExecutingWebRequest +=
delegate(object oSender, WebRequestEventArgs webRequestEventArgs)
    webRequestEventArgs.WebRequestExecutor.RequestHeaders["Authorization"] =
        "Bearer " + accessToken;

Then, use the UserProfilesPeopleManager API to get the properties of the user who is using the add-in.

PeopleManager peopleManager = new PeopleManager(clientContext);
PersonProperties personDetails = peopleManager.GetMyProperties();
clientContext.Load(personDetails, personsD => personsD.AccountName, personsD => personsD.Email,  personsD => personsD.DisplayName);

For the code to work:

  • The user profile shared service should be configured and synced on SharePoint for the users.

  • You must add the following permission scope for social features in the add-in manifest:

  <AppPermissionRequest Right="Read" Scope="http://sharepoint/social/tenant" />

The APIs are in Microsoft.SharePoint.Client.UserProfiles.dll.

The following is another sample code snippet that shows how to access the user profile store.

ClientContext clientContext; //Create this like you normally would.               
PeopleManager peopleManager = new PeopleManager(clientContext);
PersonProperties myProperties = peopleManager.GetMyProperties();

Additional resources