Reputation: 384
We have our PHP application that requires authentication, and for our clients that run SharePoint we'd like to offer some kind of SSO service, so that the users can use their SharePoint credentials (we did something similar with Google Apps, CAS, ...)
Note: Obviously, our app is not hosted on the same domain/premises as SharePoint.
I can't find the literature about it, so any pointer would be welcome!
NB: we'd like to implement a proper tier authentication mechanism, so that the user can log into our app directly by typing the URL, and choose to log in using SharePoint, exactly like you'd do with OAuth and the like...
Thanks in advance!
Upvotes: 11
Views: 13685
Reputation: 59348
SharePoint Online (SPO) supports claims based authentication.
The below picture demonstrates how authentication is performed in SPO:
According to this post the authentication process consists of the following steps:
Steps:
- Send SAML Request to STS
- Receive SAML Response
- Send the Security Token to SharePoint Online
- Receive the authentication cookies
- Send requests including authentication cookies
phpSPO - SharePoint client for PHP supports SPO authentication.
The library provides a SharePoint Online (SPO) client for PHP applications. It allows you to perform CRUD operations on SharePoint data using a SharePoint 2013 REST/OData based API.
How to perform authentication in SharePoint Online (SPO):
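```php
// $url, $username and $password are set as in the full example below
try {
    $client = new SPOClient($url);
    $client->signIn($username, $password);
    // Double quotes so that \n is emitted as a newline
    echo "You have authenticated successfully\n";
}
catch (Exception $e) {
    echo 'Authentication failed: ', $e->getMessage(), "\n";
}
```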
The following example demonstrates how to perform CRUD operations on SharePoint list data:
```php
<?php
require_once 'SPOClient.php';

// Account used to sign in (hard-coded here for brevity)
$username = '[email protected]';
$password = 'password';
$url = "https://tenant.sharepoint.com/";

$client = new SPOClient($url);
$client->signIn($username, $password);

// Get Tasks list
$listTitle = 'Tasks';
$list = $client->getList($listTitle);

// Create a Task item
$itemProperties = array('Title' => 'Order Approval', 'Body' => 'Order approval task');
$taskItem = $list->addItem($itemProperties);
print "Task '{$taskItem->Title}' has been created successfully.\r\n";

$itemId = $taskItem->Id;

// Update a Task item
$itemProperties = array('PercentComplete' => 1);
$list->updateItem($itemId, $itemProperties);

// Delete a Task item
$list->deleteItem($itemId);
?>
```
SharePoint Online client for PHP
Upvotes: 7
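Step 2 of the flow listed above ("Receive SAML Response") is where a failed sign-in or a malformed reply has to be caught before anything is passed on to SharePoint Online. The following is an added example, not code from the answer or from phpSPO; it assumes the STS replies with a WS-Trust RequestSecurityTokenResponse in a SOAP 1.2 envelope, and the function name `extractSecurityToken` and the sample reply are constructed for illustration.

```php
<?php
const NS = [
    's'    => 'http://www.w3.org/2003/05/soap-envelope',
    'wst'  => 'http://schemas.xmlsoap.org/ws/2005/02/trust',
    'wsse' => 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd',
    'wsu'  => 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd',
];

// Hypothetical helper: returns the token text or throws on any abnormal reply.
function extractSecurityToken(string $xml, ?DateTimeImmutable $now = null): string
{
    $now = $now ?? new DateTimeImmutable();
    // Reject DTDs outright so entity tricks never reach the parser.
    if (stripos($xml, '<!DOCTYPE') !== false) {
        throw new RuntimeException('DOCTYPE not allowed in STS response');
    }
    $doc = new DOMDocument();
    if (!@$doc->loadXML($xml, LIBXML_NONET)) {
        throw new RuntimeException('STS response is not well-formed XML');
    }
    $xp = new DOMXPath($doc);
    foreach (NS as $prefix => $uri) {
        $xp->registerNamespace($prefix, $uri);
    }
    // A rejected sign-in is reported as a SOAP fault inside the reply body.
    $fault = $xp->query('//s:Fault/s:Reason/s:Text');
    if ($fault->length > 0) {
        throw new RuntimeException('STS fault: ' . trim($fault->item(0)->textContent));
    }
    $token = $xp->query('//wst:RequestedSecurityToken/wsse:BinarySecurityToken');
    if ($token->length !== 1) {
        throw new RuntimeException('Expected exactly one BinarySecurityToken');
    }
    $expires = $xp->query('//wst:Lifetime/wsu:Expires');
    if ($expires->length !== 1 || new DateTimeImmutable($expires->item(0)->textContent) <= $now) {
        throw new RuntimeException('Token lifetime missing or already expired');
    }
    return trim($token->item(0)->textContent);
}

// Constructed sample reply (not captured from a real tenant).
$sample = <<<'XML'
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust"
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
 <S:Body><wst:RequestSecurityTokenResponse>
  <wst:Lifetime><wsu:Expires>2099-01-01T00:00:00Z</wsu:Expires></wst:Lifetime>
  <wst:RequestedSecurityToken><wsse:BinarySecurityToken>t=CONSTRUCTED</wsse:BinarySecurityToken></wst:RequestedSecurityToken>
 </wst:RequestSecurityTokenResponse></S:Body></S:Envelope>
XML;
echo extractSecurityToken($sample), "\n";
```

The returned token, and the authentication cookies it is exchanged for in steps 3 and 4, are bearer credentials, so keep them out of logs and error output.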
Reputation: 11
Not sure if you still need help on this - SharePoint is usually set to sync up with Active Directory (AD/LDAP). So really if you have users that use SharePoint AND are being internally authenticated in their company via their Active Directory login, then what you may want to look at is authenticating your app against LDAP (and use the email address or domain id as the username).
Here is some more info on that: Authenticating in PHP using LDAP through Active Directory
Upvotes: 1