Use the Beezy.Client with MFA

This content is valid for Cloud since version 4.2.0

When the account used to call the Appspace Intranet API through our Beezy.Client wrapper is secured with Multi-Factor Authentication we can’t use the PSCredential:

Instead of using a PSCredential, since Appspace Intranet 4.2 we support MSAL to bypass this MFA scenario.

What do we need to use Beezy.Client with MSAL?

First of all, we need to register an App to our Microsoft 365 tenant Azure AD and configure it with the required permissions. This App will be our proxy to get valid tokens to call the Appspace Intranet API.

From your Azure Active Directory > App registrations:

New registration: register a new application.
API permissions: add SharePoint delegated permissions AllSites.FullControl and User.Read.All to have available the complete Appspace Intranet API.
Authentication: add platform Mobile and desktop applications and select MSAL only option.

Once the App is registered you just have to save the following values to a CSV file: ClientID, TenantID, RedirectUri and Scope. You can get them from the App overview page (RedirectUri click on the link and Scope is always https://YOUR-SHAREPOINT-TENANT/.default):

Example:

(CSV file format must be like this, with the header in the first line and values in second line)

Calling Beezy.Client with MSAL

As we already have the CSV file with required App configuration settings, we can now use our Beezy.Client from PowerShell with an account secured with Multi-Factor authentication. We just need to do the following:

Load the beezy-Scripts.ps1 file to make it easier to load required objects.
Call the method to get the Beezy.Client with MSAL: $beezyClient = New-BeezyMsalClient $SiteCollectionUrl $MsalConfigCsvPath
You’ll be asked for your account credentials as permissions are delegated. Enter your Microsoft 365 account (Appspace Intranet user). Then you’ll be asked to approve the MFA login (normal MFA flow). Once done, you’re authenticated, we have a valid token and you have the Beezy.Client available.
Get the Appspace Intranet API: $beezyApi = $beezyClient.BeezyApi
Call the needed method from our API

Example:

Use the Beezy.Client with MFA

What do we need to use Beezy.Client with MSAL?

Calling Beezy.Client with MSAL

Related Articles

Access logs from Azure in Appspace Intranet cloud installations

Filtering content

Set and manage an expiration date for a Page

Apps personalized menu

Customize the Community Design

Related Files

Communities

Approval process

Bookmarking activities

Stories for you

Latest Articles

Appspace 8.x Release Notes for Private Cloud

Countdown Card Release Notes

Appspace Compatible and Self-Certified Devices

Advanced Registration: Register Devices with Serial Numbers, MAC Addreses, and Vendor IDs

Configure Desk Booking for Qbic Smart Panel PC Devices

Configure SCIM User Provisioning with HRIS/IdP for Appspace Cloud

Configure Single Sign-On (SSO) & Just-in-Time (JIT) for Appspace Cloud

Configure Appspace App on Qbic Devices

Browse By Category

Release Notes

Get Support

Video Tutorials

Archives

Company

Helpful Links

Follow