Active Authentication Of Office 365 And Sharepoint Online

It should also be noted that a User Agent of the request to a new value. With the use of SAML 1.1 protocol, the password and username would be passed on for the requested token from STS. Here is a simple example for it:

MsOnlineClaimsHelperclaimsHelper = new MsOnlineClaimsHelper(url, username, password);. It contains everything you might need for authentication, retrieving and caching the cookies and piggyback the cookie container on the CSOM web requests. For accessing sharepoint objects programmatically you need to active authentication by using client object model, web services or WebDAV from outside of Office 365. If the user agent is not set then a 403 forbidden error is thrown by SharePoint Online in the case of an E-subscription. Next step would be to pass along the cookies for each request. Adding cookies and user agent would be just fine.

using (ClientContext context = new ClientContext(url))

context.ExecutingWebRequest += claimsHelper.clientContext_ExecutingWebRequest;

It is also very important to be aware of which Office 365 subscription that you are targeting. HTTP is used by P-subscriptions while communicating and HTTPS must be used by E-subscriptions.

SharePoint Online active AuthN basics

Console.WriteLine(“Name of the web is: ” + context.Web.Title);


You may use the helper class called MsOnlineClaimsHelper. When using manually the WebRequest objects then the same procedure is used. STS returns the security token if authentication is successful and token is then sent to SharePoint. While it works fine on P-subscriptions but doesn’t harm if added. After having the cookies the next step would be to create a Cookie Container object in which cookies can be added. This is a responsible method for creating cookie container more on this one later. The first step would be to request a token from STS which is located at login.microsoftonline in Office 365. Along with SharePoint development the developers can also help their customers to define and analyse their application requirements, guide them through different techniques for integrating business requirements and execute it over a set which is well planned.

Let us get to the core of this article. After the validation the token will return two cookies which must also be passed with all requests to SharePoint.


To invoke methods on SharePoint online with the use of Client Object Model (CSOM), web services or WebDAV we need to authenticate first. This is not required if you are using SharePoint Online or using the web browser because in this case you are either already authenticated and it is the web browser that handles all the authentication with the use of active authentication.

Show me the code to get the cookies!

How to use Client Object Model with Office 365 from a remote client

There is huge rise in demand for various SharePoint development services which include services like SharePoint customization, SharePoint consulting, development of customized web parts, customized migration, troubleshooting implementation issues and much more. Then the cookie container should be added to the request done by Client object model and for this an even called Executing web Request can be used. How would the code look? There are some helper class originated from Steve “SharePoint Claims” Peschka.

Let us see and understand how the code works before going deep into the actual code.

This article gives you the details of performing active authentication to SharePoint online in Office 365

Amelia Woodward

Amelia Woodward

Hopefully you will now be less likely to fall for a system that doesn't work. There are systems that can and will bring you rewards but it is imperative that you know what you are buying first.
Amelia Woodward

Leave a Reply