Wanted to create a demo of how to leverage F12 tools to capture SharePoint Online REST API calls and replay them in the Postman REST client. This allows adjusting HTTP headers, inspecting output, and executing test API calls. Postman provides the benefits of storing history, exporting data, and fine-tuning the API headers.
Leveraging Chrome F12 enables us to quickly create a valid HTTP POST with correct authentication HTTP headers, cookies, and endpoint URL. Cheers.
However, we have a fix.
Leverage Internet Explorer to obtain a valid Office 365 session and export those cookies to text. The demo video shows exactly how to extract the “FedAuth” and “rtFa” cookies to successfully log in from any web client (Firefox, Chrome, Fiddler, Postman).
You can’t get there from here
This application contains sensitive information and can only be accessed from:
____ domain joined devices. Access from personal devices is not allowed.
The current browser is not supported, please use Microsoft Edge, Internet Explorer or Chrome to access this application.
Sign out and sign in with a different account
More details
Request Id: 910358d2-1206-4c34-93a9-f0b649d66c00
Correlation Id: cfbcaa9e-c092-7000-52c6-8ee95190c3a7
Timestamp: 2018-12-10T19:54:00.886Z
App name: Office 365 SharePoint Online
App id: 00000003-0000-0ff1-ce00-000000000000
IP address: 10.10.10.10
Device identifier: Not available
Device platform: Windows 10
Device state: Unregistered
Advanced diagnostics: Enable
If you plan on getting support for an issue, turn this on and try to reproduce the error. This will collect additional information that will help troubleshoot the issue.
Even with legacy auth disabled, you can successfully run Connect-PNPOnline. The video demo shows changing SPO tenant security, then how to register a new AppId for Connect-PNPOnline access to all site collections in the tenant. The “AppRegNew” and “AppInv” ASPX pages can be used to establish an authentication channel for PowerShell work in PnP on Office 365 tenants where legacy auth is disabled. Cheers!
By default this value is set to $True. Setting this parameter prevents Office clients using non-modern authentication protocols from accessing SharePoint Online resources.
A value of True: Enables Office clients using non-modern authentication protocols (such as, Forms-Based Authentication (FBA) or Identity Client Runtime Library (IDCRL)) to access SharePoint resources.
A value of False: Prevents Office clients using non-modern authentication protocols from accessing SharePoint Online resources.
Note: This may also prevent third-party apps from accessing SharePoint Online resources. Also, this will also block apps using the SharePointOnlineCredentials class to access SharePoint Online resources. For additional information about SharePointOnlineCredentials, see SharePointOnlineCredentials class.
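The sequence described above (disable legacy auth, register an app through AppRegNew and AppInv, then connect with Connect-PnPOnline), sketched in PowerShell as an added example that is not taken from the original post or video. The parameter quoted above is `-LegacyAuthProtocolsEnabled` on `Set-SPOTenant`; the contoso URLs, the environment variable names and the `FullControl` right are assumptions, and older SharePointPnPPowerShellOnline builds name the connection parameters `-AppId` and `-AppSecret`.

```powershell
# Added example. Tenant name (contoso), site URL and environment variable
# names are placeholders, not values from the original post.

# 1. As a tenant admin, check the current setting, then block legacy
#    (non-modern) authentication protocols for the tenant.
Connect-SPOService -Url 'https://contoso-admin.sharepoint.com'
Get-SPOTenant | Select-Object LegacyAuthProtocolsEnabled
Set-SPOTenant -LegacyAuthProtocolsEnabled $false

# 2. Register the app in a browser (manual steps):
#    a) https://contoso-admin.sharepoint.com/_layouts/15/appregnew.aspx
#       Generate a Client Id and Client Secret and record both.
#    b) https://contoso-admin.sharepoint.com/_layouts/15/appinv.aspx
#       Look up the Client Id and paste a permission request such as:
#
#       <AppPermissionRequests AllowAppOnlyPolicy="true">
#         <AppPermissionRequest Scope="http://sharepoint/content/tenant"
#                               Right="FullControl" />
#       </AppPermissionRequests>
#
#    The tenant scope is what reaches every site collection. FullControl is
#    an assumption here; grant the lowest right the scripts actually need,
#    and store the secret like any tenant-wide admin credential.

# 3. Connect app-only. The secret is read from the environment so it never
#    lands in the script file or in source control.
$clientId     = $env:SPO_CLIENT_ID
$clientSecret = $env:SPO_CLIENT_SECRET
if (-not $clientId -or -not $clientSecret) {
    throw 'Set SPO_CLIENT_ID and SPO_CLIENT_SECRET before running.'
}

Connect-PnPOnline -Url 'https://contoso.sharepoint.com/sites/demo' `
                  -ClientId $clientId -ClientSecret $clientSecret

# 4. Confirm the app-only session works with legacy auth turned off.
Get-PnPWeb | Select-Object Title, Url
```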