Sharepoint/ProjectOnline OData Authentication problem from C# application

  Kiến thức lập trình

I would like to request SP/PO OData from C# application. I think I’m doing everything according to guidlines:

  1. created Azure AD (now it is Microsoft Entra) app, add there secret:
    application setup

  2. Set api permissions. As far as I understood, I need just few of them like Site.ReadAll and ProjectWebAppReporting.Read, but because of problems i set up almsot all related to sites and reports:
    permissions

  3. In c# desktop app (actually, it will be win service), I use MSAL to get token:

string authority = $"https://login.microsoftonline.com/{tenantId}/";
string[] scopes = { $"https://{tenantName}.sharepoint.com/.default" };

IConfidentialClientApplication? app = ConfidentialClientApplicationBuilder.Create(clientId)
    .WithTenantId(tenantId)
    .WithClientSecret(clientSecret)
    .WithAuthority(new Uri(authority))
    .Build();
AuthenticationResult? result = await app.AcquireTokenForClient(scopes).ExecuteAsync();
  1. Use token in REST call:
string baseUrl = $"https://{configuration.TenantName}.sharepoint.com/sites/{configuration.OrganizationName}/_api/ProjectData/";
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
httpClient.BaseAddress = new Uri(baseUrl);
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
HttpResponseMessage response = await httpClient.GetAsync("Tasks");

The result of the GetAsync is 401 Unauthorized, Unsupported app only token.
As far as I understood, this error could be raised if used some kind of old style app registration inside sharepoint. But I use modern one – via Azure AD. So, I absolutely confused, what else should be done.
I tried command set-spotenant -DisableCustomAppAuthentication $false but without success
Could anyone help, what should be done else?

Theme wordpress giá rẻ Theme wordpress giá rẻ Thiết kế website

LEAVE A COMMENT