sharepointoffice365sharepoint-onlinecsomproject-online

Project Online CSOM without using SharePointOnlineCredentials


We have a console application running every night which updates some project plans with CSOM. This uses the SharePointOnlineCredentials for authentication.

But the IT departments wants to change the flag of LegacyAuthProtocolsEnabled of the tenant to false. This has as consequence that SharePointOnlineCredentials can no longer be used as you can read here.

A suggested approach in the link above was to use a ClientId and ClientSecret. I've tested this with the PnP Core AutheticationManager function GetAppOnlyAuthenticatedContext. This works for a ClientContext object for SharePoint Online but it does not work after modifying this function to return a ProjectContext object. A ProjectServerError "GeneralNotLicensed" is thrown because the SharePoint Principal does not have a Project Online license (see here).

My third attempt was to use the Office365ClaimsHelper class found here. This contacts https://login.microsoftonline.com/extSTS.srf for a SAML token by providing the username and password. Now this approach works for a demo environment, but not for the production environment. I suspect because this has a Multi-Factor authentication.

To put things short: does anyone have an idea on how to get a ProjectContext object without using SharePointOnlineCredentials and without showing a pop-up to log in a user on a Multi-Factor authentication environment?


Solution

  • Managed to find a working solution thanks to following PowerShell script: https://blogs.technet.microsoft.com/sharepointdevelopersupport/2018/02/07/sharepoint-online-active-authentication/

    Translated this to C# code and calls to Project Online CSOM work!