none
TokenHelper GetAppOnlyAccessToken is not working in new SharePoint Online tenancies RRS feed

  • Question

  • We have a SharePoint provider hosted add-in for SharePoint Online. It has App Only Web level Manage permission. Add-in is using below methods to create client context of SharePoint Online.

    Method # 1: When request directly comes from SharePoint with StandardTokens

    var spContext = SharePointContextProvider.Current.GetSharePointContext(HttpContext);
    var spfromUrlContext = spContext.CreateUserClientContextForSPHost();
    spfromUrlContext.ExecuteQuery();

    Method # 2: When there is URL of SharePoint rootweb

    string sp_web_url = "https://tenancyname.sharepoint.com/sites/spdevelopment/";
    var uri = new Uri(sp_web_url);
    var accessToken = TokenHelper.GetAppOnlyAccessToken(TokenHelper.SharePointPrincipal, uri.Authority, TokenHelper.GetRealmFromTargetUrl(uri));
    var spfromUrlContext = TokenHelper.GetClientContextWithAccessToken(uri.ToString(), accessToken.AccessToken);
    spfromUrlContext.ExecuteQuery();

    Both methods are working fine on our organization tenancy's SharePoint Online sites even on developer sites. Here we get SharePoint OAuth client id and client secret using [Site Collection URL]/_layouts/15/AppRegNew.aspx. But Method # 2 doesn't work if we publish Add-in on Microsoft partner store and throws exception at ExecuteQuery() statement. SharePoint provider hosted add-in returns 401 Unauthorized while using Client ID from partner store.

    We also identified that Method #2 doesn't work in new SharePoint Online tenancies.

    Please suggest any alternate way for Method # 2.



    Tuesday, November 3, 2020 4:10 AM