ghost
commented
1 year ago Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible.
Open danmyhre opened 1 year ago
ghost
commented
1 year ago Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible.
michaelmaillot
commented
1 year ago Hi @danmyhre
If I'm not mistaken, regarding the usage of SharePoint Online REST API in an Application context, you can only authenticate using a certificate. So it's not only a limitation in PnP.
I agree that using a secret works with Microsoft Graph but in the page you're refering to, it's about authenticating on SharePoint Online.
If you want to use a secret, the only working way is to go through the "legacy" SharePoint App-Only way: https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs
In this section, it says certificates must be used.
https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread#can-i-use-other-means-besides-certificates-for-realizing-app-only-access-for-my-azure-ad-app
Using a client secret with an AAD app reg also works with graph.
Are there some limitations there? Is MSFT taking away support for secrets on app-only scenarios or is this specifically a limitation in PnP?
Document Details
⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.