We are building a web business application (timesheet) using ASP.NET MVC; we are using Office365 and I would like this web application to add records to SPO lists. I created a Service Principal Name in my Office365 AD and I succeeded in getting a token to access SharePoint on behalf of this SPN using this code in my web application (it's based on code to query the Office365 AD):
tenantID is "myOffice365domain.onmicrosoft.com"
_appPrincipalID is the GUID of the SPN
_appKey is the secret of the SPN
AuthenticationContext _authContext = new AuthenticationContext(
    string.Format("https://accounts.accesscontrol.windows.net/{0}", tenantID));
SymmetricKeyCredential credential = new SymmetricKeyCredential(
    string.Format("{0}@{1}", _appPrincipalID, tenantID),
    Convert.FromBase64String(_appKey));
AuthenticationResult _assertionCredential = _authContext.AcquireToken(
    string.Format("00000003-0000-0ff1-ce00-000000000000/myOffice365domain.sharepoint.com@{0}", tenantID),
    credential);
string authHeader = _assertionCredential.CreateAuthorizationHeader();

// query SPO
HttpWebRequest webRequest = WebRequest.Create("https://myOffice365domain.sharepoint.com/_api/web/lists") as HttpWebRequest;
webRequest.Method = "GET";
webRequest.Headers["Authorization"] = authHeader;
webRequest.Headers["x-ms-dirapi-data-contract-version"] = "0.8";
webRequest.Accept = "application/json;odata=verbose";
var httpResponse = (HttpWebResponse)webRequest.GetResponse();
On the GetResponse call, I get a 403 error, so I think the problem is that the SPN of my web application has no rights in my SharePoint. How can I grant access to SPO to my SPN? I tried using the apps menu in the SharePoint admin center, then App Permissions, but I can't find my SPN with the "Find app principal by identifier" search box.
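
A check that helps when narrowing down a 403 like the one described above, as an added example that is not part of the original post: decode the bearer token locally and confirm its audience names the SharePoint principal and the expected host, so a token issued for the wrong resource can be ruled out before looking at permissions. It assumes the access token is a JWT with an `aud` claim in the same `principal/host@realm` form as the resource string in the question; the class and method names are hypothetical and the sample token is constructed.

```csharp
using System;
using System.Text;
using System.Text.Json;

static class TokenAudienceCheck
{
    // SharePoint principal ID, as used in the resource string in the question.
    const string SharePointPrincipal = "00000003-0000-0ff1-ce00-000000000000";

    // Decode the payload (second segment) of a JWT. No signature validation:
    // this is for inspecting your own token, not for deciding whether to trust it.
    public static JsonElement DecodePayload(string jwt)
    {
        string[] parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("expected header.payload.signature");
        string b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        string json = Encoding.UTF8.GetString(Convert.FromBase64String(b64));
        using JsonDocument doc = JsonDocument.Parse(json);
        return doc.RootElement.Clone();
    }

    // True when aud is "<SharePoint principal>/<host>@<realm>" for the expected host.
    // Assumption: the audience mirrors the requested resource string.
    public static bool IsForSharePointHost(JsonElement payload, string host)
    {
        if (!payload.TryGetProperty("aud", out JsonElement aud) || aud.ValueKind != JsonValueKind.String)
            return false;
        string value = aud.GetString();
        int slash = value.IndexOf('/'), at = value.LastIndexOf('@');
        if (slash < 0 || at < slash) return false;
        return value.Substring(0, slash).Equals(SharePointPrincipal, StringComparison.OrdinalIgnoreCase)
            && value.Substring(slash + 1, at - slash - 1).Equals(host, StringComparison.OrdinalIgnoreCase);
    }

    static string B64Url(string s) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(s)).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static void Main()
    {
        // Constructed, unsigned sample token; a real one would come from the AcquireToken call.
        string payload = "{\"aud\":\"" + SharePointPrincipal
            + "/myOffice365domain.sharepoint.com@myOffice365domain.onmicrosoft.com\"}";
        string jwt = B64Url("{\"alg\":\"none\"}") + "." + B64Url(payload) + ".constructed";
        JsonElement claims = DecodePayload(jwt);
        Console.WriteLine("aud = " + claims.GetProperty("aud").GetString());
        Console.WriteLine("for expected host: "
            + IsForSharePointHost(claims, "myOffice365domain.sharepoint.com"));
    }
}
```

Treat a decoded token as a secret while it is valid: inspect it locally and keep it out of logs and online decoders.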