I'm trying to connect to sharepoint from a service. I already registered the app in Entra and succesfully made a connection to sharepoint when using a certificate. But the customer has provides us a clientsecret instead of a certificate. (still made in Entra, so this is not ACS if I understand correctly)
But I can't seem to find a method to provide a client secret for authentication in PnpCore. In Pnp.Framework there is a PnP.Framework.AuthenticationManager method that accepts a clientsecret, but then you must pass a user assertion token.
.ConfigureServices((hostContext, services) =>
{
var configuration = hostContext.Configuration;
services.AddPnPCoreAuthentication(
options =>
{
var authOptions = new PnPCoreAuthenticationCredentialConfigurationOptions
{
ClientId = configuration.GetValue<string>("SharepointConnection:clientId"),
TenantId = configuration.GetValue<string>("SharepointConnection:tenantId"),
X509Certificate = new PnPCoreAuthenticationX509CertificateOptions
{
StoreName = StoreName.My,
StoreLocation = StoreLocation.LocalMachine,
Thumbprint = configuration.GetValue<string>("SharepointConnection:thumbPrint")
}
};
options.Credentials.Configurations.Add("SharepointAuth", authOptions);
options.Credentials.DefaultConfiguration = "SharepointAuth";
options.Sites.Add("SiteToWorkWith",
new PnPCoreAuthenticationSiteOptions
{
AuthenticationProviderName = "SharepointAuth"
});
});
})
Client Secrets are not supported for app-only authentication. You MUST use a certificate. Note that this can be ANY certificate, i.e. including self-signed ones you (or your customer) created yourself, it does not need to be issued by authority.
The method that works with client secret is for delegated authentication.