This content is valid for Cloud since version 4.2.0
When the account used to call the Appspace Intranet API through our Beezy.Client wrapper is secured with Multi-Factor Authentication we can’t use the PSCredential:
Instead of using a PSCredential, since Appspace Intranet 4.2 we support MSAL to bypass this MFA scenario.
What do we need to use Beezy.Client with MSAL?
- New registration: register a new application.
- API permissions: add SharePoint delegated permissions AllSites.FullControl and User.Read.All to have available the complete Appspace Intranet API.
- Authentication: add platform Mobile and desktop applications and select MSAL only option.
Once the App is registered you just have to save the following values to a CSV file: ClientID, TenantID, RedirectUri and Scope. You can get them from the App overview page (RedirectUri click on the link and Scope is always https://YOUR-SHAREPOINT-TENANT/.default):
Calling Beezy.Client with MSAL
- Load the beezy-Scripts.ps1 file to make it easier to load required objects.
- Call the method to get the Beezy.Client with MSAL: $beezyClient = New-BeezyMsalClient $SiteCollectionUrl $MsalConfigCsvPath
- You’ll be asked for your account credentials as permissions are delegated. Enter your Microsoft 365 account (Appspace Intranet user). Then you’ll be asked to approve the MFA login (normal MFA flow). Once done, you’re authenticated, we have a valid token and you have the Beezy.Client available.
- Get the Appspace Intranet API: $beezyApi = $beezyClient.BeezyApi
- Call the needed method from our API
Was this article helpful?