Accessing SharePoint on-prem with ADFS using OAuth

  • Question

  • We have a stand-alone app (not a SharePoint add-in) that allows users to connect to O365 resources using OAuth. We would like to extend the app's functionality to allow access to on-prem SharePoint as well; however, we do not want to develop and manage SharePoint add-ins for this purpose.

    We took the approach of configuring SharePoint (2016 multi-tenant host header site collections) to use ADFS3, then set up OAuth on the ADFS server and created a Trusted Security Token Issuer on SharePoint with the certificate and ID of the ADFS client. Everything works up to the point where we present the tokens we received from ADFS to the SharePoint server. The error we get is:

    {"error":"invalid_client","error_description":"Invalid audience Uri 'urn:qa16oauth:adfstwo'."}

    Is this even possible without a SharePoint add-in, or is there a different approach? We want to allow the customer to access their own SharePoint files with as few changes as possible to their SharePoint environment.

    Tuesday, January 15, 2019 11:53 AM
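An added diagnostic example (not part of the original post and not Microsoft's code): the error above says the token's `aud` claim is not one the server accepts, so this sketch decodes a JWT payload without verifying it and reports the audiences that fail to match. The sample token, the issuer URL and `EXPECTED_AUD` are constructed placeholders; only the audience value `urn:qa16oauth:adfstwo` comes from the post.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(token: str) -> dict:
    """Return the payload claims of a compact JWT WITHOUT verifying the signature.
    For diagnosis only; unverified claims must never drive authorization."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    return json.loads(b64url_decode(parts[1]))


def audience_mismatch(token: str, expected: str) -> list:
    """Return the token's audiences if none equals `expected`, else [].
    'aud' may be a single string or a list; comparison is case-sensitive."""
    aud = jwt_claims(token).get("aud", [])
    audiences = [aud] if isinstance(aud, str) else list(aud)
    return [] if expected in audiences else audiences


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed JWT so the example runs offline."""
    def enc(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}."


# Constructed sample: 'aud' is the value from the error message in the post;
# the issuer and EXPECTED_AUD are placeholders, not values from the page.
SAMPLE = make_sample_token({
    "aud": "urn:qa16oauth:adfstwo",
    "iss": "http://adfs.example.test/adfs/services/trust",
})
EXPECTED_AUD = "https://sharepoint.example.test/"

if __name__ == "__main__":
    bad = audience_mismatch(SAMPLE, EXPECTED_AUD)
    print("issuer:", jwt_claims(SAMPLE).get("iss"))
    print("audience mismatch:", bad if bad else "none")
```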


All replies