Saturday, 12 January 2013

SharePoint Online: Authenticating .NET Client Object Model in Office 365

The process of authenticating the .NET Client Object Model in SharePoint Online has been greatly simplified in the 2013 version. Earlier (2010), you had to go through a lot of steps for doing the exact same thing. You  had to open a web browser instance, force the user to enter the credentials in the browser and then grab that  cookie from Internet Explorer and pass it to the .NET CSOM. If you are interested, the code of the old authentication method can be found here:

Fortunately in the 2013 version, the process is a lot simplified by the introduction of the SharePointOnlineCredentials class. This class is part of the Microsoft.SharePoint.Client.dll itself so you don't have to include an extra assembly in your application. All you have to do is pass an instance of the SharePointOnlineCredentials class to the ClientContext.Credentials property. The SharePointOnlineCredentials takes in two parameters which are your Login Email for your Office 365 SharePoint site and your password in the SecureString format.

You can grab all the required SharePoint 2013 client assemblies from here:

For this particular demo, you will need to reference the Microsoft.SharePoint.Client.dll and the Microsoft.SharePoint.Client.Runtime.dll assemblies in your project.

 The code is as follows:


Anonymous said...

Great post - I can get it working great on my Windows 8 VS 2012 Development machine but it fails when deploying. msoidclil.dll was missing and once I registered it on the IIS server, some of its dependencies appear missing. Any pointers on what needs installed on the IIS server (2008 R2)?


Vardhaman Deshpande said...

Hi Anonymous,

You will probably need to manually install the O365 Pre-Upgrade software on your Server 2008 R2. Here a is a link which should help you out:

The msoidcli.dll is one of libraries which provides the framework for authentication in Office 365. Learn more about it here:

Erik Hoeksma said...

Hi there,

Thanks for this post. this seems to work properly when developing locally, but I tried to push this to azure websites, and there it gives me the "401 - Unauthorized" error, with the exact same code (it does try to connect, just not authorized.

Would you know how I can fix this ?

Patrick krug said...

This is great but can I authenticate against Office 365 using this? I want to log the person in? How do I get the authcookie?

Jeremy Ostendorf said...

Looks promising. However, how do you handle authentication when you use active sync with ADFS? Are there any examples of this? I have really struggled trying to find examples on how to do this.

What about the file size limit. It was previously 3MG, however recently it was closer to 2MG. I have had to change to posting a request, and then updating the fields using CSOM. It really needs to be over 5MG, if not 20+.

suyog patki said...

Eric, sorry replying late but I guess you need to use ACS with Azure websites as mentioned here

Ariel Plon said...

Hi....GREAT POST!!!! I've been struggling to connect a .Net app with Sharepoint online. I tried the code you posted, but I'm getting the follwing error: "The identity has not been authenticated". However I know for sure that the URL, username and password are correct, since I can connect directly from the borwser (open the URL, get the Office365 login screen, enter username and password).

Any ideas?
Kind regards, Ariel

Vardhaman Deshpande said...

Hi Ariel,

Are you sure that you are connecting to a SharePoint Online 2013 version? This authentication method is not supported for SharePoint Online 2010. Also, if you don't mind sending me the URL of your site and the credentials of a test user, I could check out what the problem is exactly.

Ariel Plon said...

Thank you for your response Vardhaman. I'm pretty sure it's a Sharepoint 2013 Online. The url is Username:
Pass: Chile001
The error I'm receiving is "The identity has not been authenticated."
To stay in touch, my email is
Best regards, Ariel

Vardhaman Deshpande said...

Hi Ariel,

I have tried your credentials and it works for me. Here is my sample project

You can take a look at the code.

Ariel Plon said...

Thank you Vardhaman. Worked like a charm. I used your code, translated to and....voila: I got sharepoint 2013 integration :)

Best regards, Ariel

Ariel Plon said...

Worked like a charm!!!
Once again....YOU ARE THE MAN!!!!
Thanks for this

Vardhaman Deshpande said...

Glad it helped you :)

Steven C. Britton said...

I've tried to get this working using Office 2013, and it won't authenticate my client.

I have a login, so I've tried the following: (fails) (fails) (doesn't recognize as valid)

I've also tried both HTTP and HTTPS tags on the url, and ALSO, I've tried both http[s]:// (which does not need authentication) as well as http[s]:// (which does require authentication)

Each and every time, the code fails here: clientContext.Credentials = new SharePointOnlineCredentials("",passWord);

with a "The identity has not be authenticated" error.

What am I missing? I've been pounding my head against this for weeks, and I'm getting extremely frustrated with it.

Anonymous said...

Anyone had any luck deploying this in an app to Office365? I get "File Not Found Exception msoidcliL.dll" but works fine locally..

Anonymous said...


I getting the "Catastrophic failure (Exception from HRESULT: 0x8000FFFF (E_UNEXPECTED))" error in the SharePointOnlineCredentials. Do you know how I can fix it?

And is it possible to use Active Directory's user in SharePointOnlineCredentials?


Anonymous said...

Hi All,

Bit late but hope someone of you can see this.
I have followed same code lines for SPO 2013 but I am getting an error at clientContext.ExecuteQuery();.

Error says - The remote server returned an error: (403) Forbidden.

Appreciate any help.


Andy said...

Like the 1st commenter, it works great on my PC. It does not work on my Windows Server. I get "FileNotFoundException: msoidcliL.dll" I have msoidcliL.dll (and the 2 Microsoft.SharePoint.Client.dll files) in the bin. VS will not let me add msoidcliL.dll as a reference. Thoughts?

Vardhaman Deshpande said...


This might help?

Andy said...

Thanks, that contains good info about what the msoidcliL.dll issue may be. However, in my case, I cannot modify the registry on my shared server. And I can't install the "Client Components SDK". I see more people with the same issue, but I don't see a solution yet.

Atul Sureka said...

I found lot of articles on internet about SharePoint authentication. Almost of all of them were pointing to same MSDN codebase that does not work with client service. It really helped me to resolve this issue.

Great post Vardhaman. Thanks

Atul Sureka

bittusrk said...

Works like a charm really! It would just make my day if I can get rid of mentioning the password in this code. Can this be done somehow Vardhaman?

Brett said...

What about if you were trying to authenticate Wordpress using Sharepoint credentials. Could you do that using JS or PHP?

Vardhaman Deshpande said...


I have not tested it but you can maybe use the REST API for that.

First get the RequestDigest of the SharePoint Page by following this link:

and then pass that request digest to your jQuery.ajax call as shown here:

Dylan Nicholson said...

IDCRLException: "Identity Client Runtime Library (IDCRL) could not look up the realm information for a federated sign-in."

This is the error I get just trying to construct a SharePointOnlineCredentials object - it was working fine previously. Any clues?

siddharth kumar said...

I am getting 401 unauthorized error while connecting to the Office365 using your code.
I am able to authenticate using login screen method.
But the requirement is to authenticate without using login screen pop up.
Kindly Help?

Abhishek said...

Hi Vardhaman,

Its working fine for me in my local but currently when I am publishing my site on azure its throwing error "System.IO.FileNotFoundException: msoidcliL.dll". Do you have any idea about the same ?
FYI: we can't install anything on the Azure website.

Abhishek said...

If any get the error for sharepoint-azure-msoidclil-dll please refer below url:

Lucky said...

Hi Vardhaman,

I get following error in my service

A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond

Please help me to resolve this issue

James Leahy said...

Hi Vardhaman,

How can I authenticate to SharePoint 2013 (On-prem) using ADFS as the authentication provider. In my code, I'm creating the ClientContext object but when I try to execute the query I'm getting a 403 Forbidden error.


ARUN said...

Thanks Vardhaman. This helped me a lot

Unknown said...

Hello Vardhaman,

I am new to sharepoint and trying to read List from sharepoint. But i'm getting exception "Cannot contact site at the specified URL https://xyz". Could you please help me here.


Unknown said...

Hi I need to create a web service for external apps (other sites from the internet) invoke from my SharePoint site. The thing is that we have SharePoint Online. Can I do what u said in your post in SharePoint Online? If so, how? I'm very newbie in SharePoint.