-
Notifications
You must be signed in to change notification settings - Fork 988
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Azure ACS App based authentication fails for Tenant Level Operation #9678
Comments
You're not alone. We started to have problems with some security calls, and removing sitecollections by code using Apps. Testing code manually with real user is ok. Problem is in CSOM and PNP calls. |
Seems like the calls are failing when using App based authentication. Executing Get-PnPTenantSite works for user context, fails for App based context. I have raised a MS case as well, but so far no traction. |
I'm seeing something similar that started earlier today.
|
we changed the connection to clientid and certificate and fixed on the PNP side. the certificate should be uploaded to the app. $bytes = Get-Content '.\PnPPowerShell.pfx' -AsByteStream from https://pnp.github.io/powershell/articles/connecting.html |
this issue is resolved now by MS |
Target SharePoint environment
SharePoint Online
What SharePoint development model, framework, SDK or API is this about?
SharePoint CSOM
Developer environment
Windows
What browser(s) / client(s) have you tested
Additional environment details
C# based code
Describe the bug / error
We are currently using CSOM based model to setup properties of a Site. The context is built using GetACSAppOnlyContext(clientid, clientsecret).
var adminURL = "https://tenant-admin.sharepoint.com/";
var context = TokenHelperTenant.GetContext(adminURL);
var tenant = new Tenant(context);
var siteProperties = tenant.GetSitePropertiesByUrl("https://tenant.sharepoint.com/sites/portal", true);
context.Load(siteProperties, s =] s.SharingCapability);
context.ExecuteQuery(); //line where the error occurs - "Attempted to perform an unauthorized operation"
The Client App being used has Tenant level Full control permission which was created using appregnew.aspx page and I have ensured DisableCustomAppAuthentication setting is not enabled at the tenant level.
We have started facing the issue starting today. Kindly assist. The issue happens when Get-PnPTenantSite cmdlet is also used.
Steps to reproduce
Expected behavior
Should be able to access the properties of the Site from the Tenant
The text was updated successfully, but these errors were encountered: