I am unable to authenticate to SharePoint Online using SharePointOnlineCredentials, receiving the error message:
Identity Client Runtime Library (IDCRL) encountered an error while talking to the partner STS.
This same code worked until we implemented AD FS to federate authentication to our Active Directory. And, in fact, the code still works when I access my own personal SharePoint Online site, which does not use federated services. This leads me to suspect there is a problem using SharePointOnlineCredentials with federated services.
Can anyone confirm this is the case? And, if so, what is the workaround?
I created a simple program to verify this issue, which follows:
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using System.Threading.Tasks;
    using Microsoft.SharePoint.Client;
    using Microsoft.Online.SharePoint.Client;
    using System.Security;

    namespace SPOConsole
    {
        class Program
        {
            static void Main(string[] args)
            {
                // Placeholders: tenant URL, federated user name and password.
                var targetSite = new Uri("https://<mydomain>.sharepoint.com");
                var login = "<myuserid>@<mydomain>.com";
                var password = "<mypassword>";

                // SharePointOnlineCredentials requires the password as a SecureString.
                var securePassword = new SecureString();
                foreach (char c in password)
                {
                    securePassword.AppendChar(c);
                }

                // The constructor performs the IDCRL logon against the STS.
                var onlineCredentials = new SharePointOnlineCredentials(login, securePassword);

                using (ClientContext clientContext = new ClientContext(targetSite))
                {
                    clientContext.Credentials = onlineCredentials;

                    // Request only the site title to confirm the authenticated call works.
                    Web web = clientContext.Web;
                    clientContext.Load(web,
                        webSite => webSite.Title);
                    clientContext.ExecuteQuery();

                    Console.WriteLine(web.Title);
                    Console.Read();
                }
            }
        }
    }
The code fails on the line:
    var onlineCredentials = new SharePointOnlineCredentials(login, securePassword);
Following is the stack trace:
Microsoft.SharePoint.Client.IdcrlException was unhandled
HResult=-2147186451
Message=Identity Client Runtime Library (IDCRL) encountered an error while talking to the partner STS.
Source=Microsoft.SharePoint.Client.Runtime
ErrorCode=-2147186451
StackTrace:
at Microsoft.SharePoint.Client.Idcrl.ManagedIdcrl.CheckHResult(Int32 hr)
at Microsoft.SharePoint.Client.Idcrl.ManagedIdcrl.LogonIdentity(String username, SecureString password)
at Microsoft.SharePoint.Client.Idcrl.SharePointOnlineAuthenticationProvider.Logon(String username, SecureString password)
at Microsoft.SharePoint.Client.SharePointOnlineCredentials..ctor(String username, SecureString password)
at SPOConsole.Program.Main(String[] args) in c:\Users\michael.norton\Documents\Visual Studio 2012\Projects\SimpleSPOConnection\SPOConsole\Program.cs:line 26
at System.AppDomain._nExecuteAssembly(RuntimeAssembly assembly, String[] args)
at System.AppDomain.ExecuteAssembly(String assemblyFile, Evidence assemblySecurity, String[] args)
at Microsoft.VisualStudio.HostingProcess.HostProc.RunUsersAssembly()
at System.Threading.ThreadHelper.ThreadStart_Context(Object state)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()
InnerException: