Unable to connect and get Sharepoint data from C# .Net Core App

Question

While using pnp.Framework in .Net 6 environment. I need authenticated client context to get Sharepoint Data but facing 403forbidden while running context.ExecuteQuery().

I want to use the clientId and clientSecret mode of authentication for getting data from my client to my environment but facing 403 forbidden request.

I registered App in the particular Azure Active Directory and added the following permissions.

using PnP.Framework;
using System.Security;
using System.Web;

namespace SharePointOnlinePNPProject
{
    public class Program
    {
        static async Task Main(string[] args)
        {
            string appID= "appId/clientId";
            string tenantId = "<tenantId>";
            string clientSecret = "";
            string queueTestingLink = "Input sharepoint url";
            Uri site = new Uri("https://clientDomain.sharepoint.com");
            string filePath= "/Shared Documents/Case Studies"

            SecureString password = new SecureString();
            foreach (char c in passcode)
            {
                password.AppendChar(c);
            }
            var scopes = new string[] { hostLink + ".default" };
            try
            {
               
                using (var context = new AuthenticationManager().GetACSAppOnlyContext(site.OriginalString, appID, clientSecret))
                {
                    var folder = context.Web.GetFolderByServerRelativeUrl(filePath);
                   
                   
                    context.Load(folder);
                    context.ExecuteQuery();
                    Console.WriteLine(folder.Name);
                }


            }
            catch (Exception ex)
            {
                Console.WriteLine(ex.Message);
            }

        }
    }
}

Answer 1

Use Sharepoint Admin Center to create App and use that App Id and Client secret to get authenticated client context. I was able to access data in the same code posted above.

Follow below steps to create Client Id and Secret for your organisations sharepoint tenant.

Step 1:

• Go to your organisations AppRegNew page: For example [https://organisation.sharepoint.com]/_layouts/15/AppRegNew.aspx
• Generate Client Id, Client Secret and save it in a secure place
• Provide a suitable tittle
• Provide domain name and redirect uri (Can be anything. Even www.LocalHost.com)
• Check below sample AppRegNew page form

Step 2:

• Go to [https://organisation.sharepoint.com]/_layouts/15/appinv.aspx
• Enter app Id (AKA Client Id) and press lookup.
• Copy paste the below text in Permission Request XML and save

<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
</AppPermissionRequests>

Step 3:

• You will receive a page similar to the one below. Click “Trust it” and complete the process.

• Use the Client Id and Client Secret we saved in first step for creating sharepoint pnp context and accessing the files in that organisation's tenant

In Conclusion:

• The above steps will create and add necessary permissions for our client credentials.
• Using this credentials we can create client context with pnp c# library code as provided in the question.
• Microsoft stopped AzureAD App access for authentication of sharepoint AppOnly Access. Using that method is useless unless we are willing to add self signed certificates in AzureAd.

For More Info : Please follow the below blog to configure app and get credentials. https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs