Reputation: 1
Authentication From a ASP.NET WebApi Using App+User Context for Sharepoint
Scenario :
1. Spfx Webpart (On Sharepoint sitecollection) calls a WEBApi protected by Azure AD.
a. Obtain Access Token (Implicit) from an Enterprise App (App registration in Azure AD) representing the WEB Api
b. Attach the access token as a header in the Fetch Request to the Web Api UpdateList method (Updates a list in a Sharepoint site collection)
2. WEBApi is making CSOM REST Calls using App Only Context generated using a Sharepoint Add-in’s Client ID and Secret (created through AppRegNew.aspx on the SiteCollection level)
a. The Sharepoint Add-in has SiteCollection level permissions granted by Admin
b. The WebApi is adding an item to a list in the same SiteCollection as the add-in using CSOM.
c. The “Created By” and “Modified By” list properties reflects the Application which did the update because it is using the app only ClientContext
Ask: A way to implement app + user Authorization. The End Result should be that the “Created By” and “Modified By” fields should have the User Names rather than App Names
Upvotes: 0
Views: 364
Answers (1)
Reputation: 1413
You are using App-Only which means that Created By and Modified By will always be an Add-In name. You would have to use App+User permissions to have the Created By and Modified By set to real user instead an Add-In name.
Uncheck the App-Only checkbox in application manifest.
Upvotes: 0
Related Questions
- Authentication between Web App, Web API and Mobile App
- WebAPI scope authorization through azure app registrations
- how to manually assign a Token to a user context in WebApi
- Authorize at web app with access token from web api
- Custom Authorization in Asp.net WebApi - what a mess?
- How to get user context during Web Api calls?
- OWIN/OAuth2 3rd party login: Authentication from Client App, Authorization from Web API
- Implement OAuth with ASP.NET WebAPI
- Mobile app Web API authentication
- context.Request.User is null in OWIN OAuthAuthorizationServerProvider