This is a demo project for the blog at cann0nf0dder.wordpress.com.
A console application using MSAL and .NET Core to connect to SharePoint Online.
- Create an Azure AD app registration (with the Client Certificate)
- Create a KeyVault
- Store the Certificate in the KeyVault
- Store the ClientID in the KeyVault Secrets
- Grant Application permissions for SharePoint > Sites.FullControl.All
This has been automated in a PowerShell script. In the PowerShell folder, run .\Install-AzureEnvironment.ps1:
az login
.\Install-AzureEnvironment.ps1 -Environment:<TenantName> -Name:SharePointMSAL
This will create the following in your environment if your TenantName is Contoso:
- Resource Group: Contoso-SharePointMSAL
- App Registration: Contoso-SharePointMSAL, granted with SharePoint > Sites.FullControl.All
- Key Vault: Contoso-SharePointMSAL (Note: will be truncated to 24 characters if longer)
- CertificateName stored in KeyVault as: Contoso-SharePointMSAL
- ClientId stored in KeyVault Secret as: ContosoSharePointMSAL
Update the appsettings.json file for your environment:
{
  "environment": "<tenantName>",
  "name": "SharePointMSAL",
  "site": "<relative URL e.g, /sites/teamsite>"
}
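How the resources listed above fit together at run time, as an added example that is not code from this repository: it derives the Key Vault, certificate and secret names from the `environment` and `name` settings, loads the certificate, and requests an app-only SharePoint token with MSAL. The class and method names are hypothetical. It assumes the `az login` session can read the vault's secrets, the certificate is stored as PKCS#12, and the tenant uses `<environment>.onmicrosoft.com` and `<environment>.sharepoint.com`.

```csharp
// Added example. NuGet packages: Azure.Identity, Azure.Security.KeyVault.Secrets,
// Microsoft.Identity.Client
using System;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using Azure.Identity;
using Azure.Security.KeyVault.Secrets;
using Microsoft.Identity.Client;

public static class SharePointTokenExample   // hypothetical name
{
    // Key Vault names are limited to 24 characters; mirror the script's truncation.
    public static string VaultName(string environment, string name)
    {
        var full = $"{environment}-{name}";
        return full.Length > 24 ? full.Substring(0, 24) : full;
    }

    public static async Task<string> GetTokenAsync(string environment, string name)
    {
        // DefaultAzureCredential picks up the Azure CLI session created by `az login`.
        var vault = new SecretClient(
            new Uri($"https://{VaultName(environment, name)}.vault.azure.net"),
            new DefaultAzureCredential());

        // ClientId secret: "<environment><name>" (no hyphen, as listed above).
        KeyVaultSecret clientId = await vault.GetSecretAsync($"{environment}{name}");

        // A Key Vault certificate exposes its private key through the secret of the
        // same name, as a base64-encoded PFX (assumes PKCS#12 content type).
        KeyVaultSecret pfx = await vault.GetSecretAsync($"{environment}-{name}");
        var cert = new X509Certificate2(Convert.FromBase64String(pfx.Value));

        // The private key signs the client assertion; no client secret is used.
        var app = ConfidentialClientApplicationBuilder
            .Create(clientId.Value)
            .WithCertificate(cert)
            .WithAuthority($"https://login.microsoftonline.com/{environment}.onmicrosoft.com")
            .Build();

        // App-only tokens use the resource's /.default scope (assumed SharePoint host).
        var result = await app
            .AcquireTokenForClient(new[] { $"https://{environment}.sharepoint.com/.default" })
            .ExecuteAsync();
        return result.AccessToken;
    }
}
```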