Replies: 1 comment 2 replies
-
Hi @jhholm, if I understand it correctly, you are having trouble using CLI in Azure Functions, using managed identity right? Correct me if I misunderstood the original issue. |
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi,
My current development workflow with Node Azure Functions that call SPO, uses Managed Identity when running in production, and AzureCliCredential from @azure/identity while developing/debugging. It seems that some change lately has dropped support to call SharePoint APIs with Azure CLI token. Graph APIs still seem to work.
See https://stackoverflow.com/questions/76629048/accessing-sharepoint-via-visual-studio-app-is-not-allowed-to-call-spo-with-user
Using application permissions with a self signed certificate for just development purposes is a bit cumbersome in my opinion. I would like to continue working in a similar fashion as with AzureCliCredential - device code flow - delegated permissions - while debugging/developing.
So I wanted to test if I could use M365 CLI and I created a similar wrapper as AzureCliCredential that uses m365 util accesstoken get behind the scenes. This functionality seems to work as usually the PnP Management Shell service principal is configured properly for delegated permissions. I also noticed that I could use m365 cli to login with a custom service principal with device code flow.
I still need to iron out some of the quirks, but currently my initial implementation seems to work with both getting a SharePoint and Graph token with a custom service principal or the standard pnp management service principal.
I was just wondering would it make sense to add this functionality to this project, or probably somewhere else. E.g. PnPjs as they already have some wrapper functionality regarding this.
Current status/things to do:
Beta Was this translation helpful? Give feedback.
All reactions