0

I have a WPF desktop using the WebView2 control, and it works quite nicely. The problem I am trying to solve is handling the authentication for users who find the repeated prompts when accessing our SharePoint Online (SPO) site within the WebView2 control annoying. I am not looking to access Graph API or the SPO API, just allow the user to navigate to our SPO site without login prompts. Our on-prem AD synchronizes with Azure AD.

A couple of applications I've developed:

  • An Office add-in using SSO with delegated permission and signed off by our admin so that users do not log in

  • A console app that has application permission to update all calendars in our organization via the EWS API, protected with Azure AD certificate authorization, although it initially used a secret

That said, how can I set up the app authorization so that my desktop WPF app can allow the users to access SPO without prompts?

James Igoe
  • 443
  • 5
  • 14

1 Answers1

0

According to your scenario, you can try the following things in your web view control such that you will no longer receive authentication prompts for Sharepoint online login.

• You trying to access SPO site within web view control, so you need to allow authentication for both the http clients, i.e., Windows store clients(classic)[System.Net.Http.HttpClient] and HTTP clients[Windows.Web.Http.HttpClient] connected to web view controls. You can do so by adding the new one in your code as below: -

  var filter = new HttpBaseProtocolFilter();
  filter.ServerCredential = new   Windows.Security.Credentials.PasswordCredential("http://website","login","password");
        Windows.Web.Http.HttpClient client2 = new 
        Windows.Web.Http.HttpClient(filter);
        var response = await client2.GetAsync(new Uri("http://website"));
        WebView.Source = new Uri("http://website");

• In this code, change the “login” and “password” to the credentials you want to use to login in the SPO site. Also, change the “http://website” to the SPO website and set the ‘enterpriseAuthentication’ parameter to off.

• Also, you can use the ‘’TodoListService” Service app for maintaining an in-memory collection of to-do-items for each authenticated user for login purposes.

Please refer the below links for more reference: -

providing domain/user credentials to webview control

https://learn.microsoft.com/en-us/previous-versions/windows/hh465283(v=win.10)?redirectedfrom=MSDN

https://learn.microsoft.com/en-us/samples/azure-samples/active-directory-dotnet-native-aspnetcore-v2/1-desktop-app-calls-web-api/

This way, hopefully the SPO site can be accessed through desktop WPF app without authentication prompts.

Thanking you,

Kartik Bhiwapurkar
  • 4,550
  • 2
  • 4
  • 9
  • Using passwords is a non-starter. API access, to Graoh or EWS API, is something I have done before with a couple of apps, but it is not relevant. The user needs to access the site, not have me code API access in the background. – James Igoe Aug 17 '21 at 15:39
  • On second thought, maybe not a bad idea, to use a service account with limited rights to access the site. They would use credential where needed, but thing trivial like reading documents on a SharePoint Online site, using an account. – James Igoe Aug 17 '21 at 15:44