5

Using just a password-based authentication, it's easy to authenticate in CSOM:

context.Credentials = new SharePointOnlineCredentials(username, password);

But how to authenticate when Multi-factor authentication is in place (http://technet.microsoft.com/en-us/library/dn249471.aspx)?

Edwin
  • 527
  • 7
  • 15
  • we decided to use oauth authentication to circumvent MFA – ovolko Nov 13 '15 at 22:35
  • We thought about that, but how do you handle MFA in OAuth? You must still ask the user interactively to enter a pincode and you must write all code for that yourself, or is there a library for that? – Edwin Nov 19 '15 at 09:13
  • 1
    My understanding is once you've got a token, you just authenticate ClientContext via injecting Bearer authentication into the request in ClientContext.ExecutingWebRequest without setting the credentials and using the password in any way - which should not trigger MFA. – ovolko Nov 19 '15 at 10:10

1 Answers1

2

Use an app password in place of your normal one.

Generate an app password here:

https://account.activedirectory.windowsazure.com/AppPasswords.aspx

Or go to

https://portal.office.com/account/#security

and click Additional Security Verification > Create app password.

You can always revoke/delete the app password later.

Dunc
  • 18,404
  • 6
  • 86
  • 103