CODEWITHSUNDEEP
sharepointsharepoint-onlineoffice365api
user2118851
user2118851

Reputation: 23

Fedauth, rtfa cookies not found in response sharepoint online auth

We are trying to get access token from sharepoint online.

using this postman api call https://mydomain.sharepoint.com/_forms/default.aspx?wa=wsignin1.0.

but not getting fedauth and rtfa cookies in return.only getting conext response cookie. Following this Link for Postman call. Anyone facing the same issue?

enter image description here

Upvotes: 0

Views: 1934

Answers (1)

Zella_msft
Zella_msft

Reputation: 372

First , You need to get a binary security token, you need to use Microsoft Security Token Service, please enter the following URL:

https://login.microsoftonline.com/extSTS.srf

Then ,needs to add following XML Envelope as a message body, replace [username], [password] & [yourdomain] with your data.Please set Content-Type to application/x-www-form-urlencoded in Request Header.

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
      xmlns:a="http://www.w3.org/2005/08/addressing"
      xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <s:Header>
    <a:Action s:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
    <a:ReplyTo>
      <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
    </a:ReplyTo>
    <a:To s:mustUnderstand="1">https://login.microsoftonline.com/extSTS.srf</a:To>
    <o:Security s:mustUnderstand="1"
       xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <o:UsernameToken>
        <o:Username>[username]@[YourDomain].onmicrosoft.com</o:Username>
        <o:Password>[Password]</o:Password>
      </o:UsernameToken>
    </o:Security>
  </s:Header>
  <s:Body>
    <t:RequestSecurityToken xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
      <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
        <a:EndpointReference>
          <a:Address>https://[yourdomain].sharepoint.com/</a:Address>
        </a:EndpointReference>
      </wsp:AppliesTo>
      <t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType>
      <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
      <t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType>
    </t:RequestSecurityToken>
  </s:Body>
</s:Envelope>

In the return request, you will get "BinarySecurityToken", please copy it and add it to the "body".you can send a POST request to the following URL ,finally you will get fedauth and rtfa cookies.

https://[YourDomain].sharepoint.com/_forms/default.aspx?wa=wsignin1.0

Here are some screenshots you can refer to: enter image description here enter image description here enter image description here

Upvotes: 1

Related Questions