SharePoint CSOM with .net standard | Credentials vs App
-
15-02-2021 - |
Question
I am trying to understand how the authentication works using a .NET core application to O365. The article here describes it: https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/using-csom-for-dotnet-standard But it requires registering an app AND providing user name and password. My question is, why do I need to provide username and password with the authentication if we're registering an app already? What's the use of registering an app if we'll pass username and password anyway?
Solution
since you mention you are using .netcore i assume its a stand alone webapp and not a provider hosted app. If that is the case you can simply implement OAuth for authenticating your user with Azure AD. It doesn't need username and password, but a ClientID
and a Client Secret
to interact. The link you shared uses credentials just for demo purpose.
Now Why the AAD app is needed? For this you need to understand Authorization code flow. The AAD app helps you for requesting access token for you. You will have to configure appropriate API permissions that you will need to access within you .netcore application.
This can simply work as
string siteUrl = "https://tenant.sharepoint.com/sites/mysite";
using (var cc = new AuthenticationManager().GetAppOnlyAuthenticatedContext(siteUrl, "[Client_ID]", "[Client_Secret]"))
{
cc.Load(cc.Web, p => p.Title);
cc.ExecuteQuery();
Console.WriteLine(cc.Web.Title);
};