C# How to Access SharePoint Online Lists using Graph API using MSAL

In this article, we will see how to invoke SharePoint Online Lists using Graph API using MSAL authentication in C#.

To access a SharePoint Online list using the Microsoft Graph API with MSAL (Microsoft Authentication Library) authentication in C#, you will need to follow these steps:

• Register your application with Azure Active Directory (AAD) and grant it the necessary permissions to access SharePoint Online. This will enable your application to authenticate with AAD and obtain access tokens.
• Install the Microsoft.Identity.Client NuGet package in your C# application. This will allow you to authenticate users and obtain access tokens using the MSAL library.
• Use the MSAL library to authenticate the user and obtain an access token. This token will be used to authorize your application to access SharePoint Online.
• Use the access token to make a request to the Microsoft Graph API to retrieve the data from the SharePoint Online list.

Here is an example of how you can use the MSAL library to authenticate a user and obtain an access token in a C# console application:

Using below code, method CreateAuthorizationProvider will get authorization provider (NOTE: this will not work/generate token, if you are using in Web API. You can refer this article (Call Graph API from Web API) in case you want to use in Web API) and using method GetAuthenticatedGraphClient will get graph client service. And using graph client service, we can invoke user detail or SharePoint Online. 

First, I have given code to invoke Id, Name and Email of users.

And then I have code given to read SharePoint Online Lists, by passing domain name, site id, web id of SharePoint Online Site.

Code:

public static void Main(string[] args)

{

    var client = GetAuthenticatedGraphClient();

    var graphRequest = client.Users.Request();

    var results = graphRequest.GetAsync().Result;

    //Display User Id, Name, Email

    foreach (var user in results)

    {

        Console.WriteLine(user.Id + ": " + user.DisplayName + " | " + user.Mail);

    }

    string domainName = "xxxxxxx.sharepoint.com";

    string siteId = "xxxxxxxxxxxxxxxxxxxx";

    string webId = "xxxxxxxxxxxxxxxxxxxxx";

    string siteDetail = string.Format("{0},{1},{2}", domainName, siteId, webId);

    var lists = client.Sites[siteDetail].Lists

    .Request()

    .GetAsync().Result;

    //Display all lists name in the site

    foreach (var list in lists)

    {

        Console.WriteLine("lists : " + list.Name);

    }

    Console.ReadLine();

}

private static IAuthenticationProvider CreateAuthorizationProvider()

{

    var clientId = "xxxxxxxxxxxxxxxxxxxxxxxxxxxx";

    var tenantId = "xxxxxxxxxxxxxxxxxxxxxxxxxxx";

    var clientSecret = "xxxxxxxxxxxxxxxxxxxxxxxxxxx";

    string authority = string.Format("https://login.microsoftonline.com/{0}/v2.0", tenantId);

    string redirectUri = "https://domainname.sharepoint.com/sites/contoso5";

    List<string> scopes = new List<string>();

    scopes.Add("https://graph.microsoft.com/.default");

    var cca = ConfidentialClientApplicationBuilder.Create(clientId)

                                            .WithAuthority(authority)

                                            .WithRedirectUri(redirectUri)

                                            .WithClientSecret(clientSecret)

                                            .Build();

    return new MsalAuthenticationProvider(cca, scopes.ToArray());

}

private static GraphServiceClient GetAuthenticatedGraphClient()

{

    var authenticationProvider = CreateAuthorizationProvider();

    var graphClient = new GraphServiceClient(authenticationProvider);

    return graphClient;

}

Happy PC (Programming / Configuring)