SharePoint Online Authentication for SOAP Service Calls

This article was originally published under TechNet Gallery. You can download the sample solution here.*

Background

This solution provides an example of how you can authenticate your SOAP Service Calls to a SharePoint Online Site. Take note that Microsoft strongly suggests moving such solutions to either CSOM based or REST API based implementation. There might be cases, such as an immediate migration from an On-Premise Site to Office365, where you will not have enough time to rebuild your application and keeping the SOAP Service calls might be the temporary option.

How it works

First, let's try to add a Service Reference to the SharePoint Online Site's Web Service. To add a Service Reference, right-click your Visual Studio Project, select Add, then click Service Reference.

https://i1.gallery.technet.s-msft.com/sharepoint-online-86800f1f/image/file/162349/1/capture1.jpg

Provide the address of your SharePoint Online Site Web Service

https://i1.gallery.technet.s-msft.com/sharepoint-online-86800f1f/image/file/162350/1/capture2.jpg

Reference the Service Reference on your Program Class.

The function below uses SharePointOnlineCredentials to get the Authentication Cookies which you will add to the Request Headers. The parameters are the SharePoint URI, your organization's email account and password.

C#

Edit|Remove

        private static CookieContainer GetAuthCookies(Uri webUri, string userName, string password)         { 
            var securePassword = new SecureString();             foreach (var c in password) { securePassword.AppendChar(c); }             var credentials = new Microsoft.SharePoint.Client.SharePointOnlineCredentials(userName, securePassword);             var authCookie = credentials.GetAuthenticationCookie(webUri); 
            var cookieContainer = new CookieContainer();             cookieContainer.SetCookies(webUri, authCookie);             return cookieContainer;         } 

The sample below uses the GetAuthCookies function then add it to the Headers. To check if we can communicate with the SharePoint Online Site, we call the GetListCollection method to get all the Lists within that site.

C#

Edit|Remove

        static void Main(string[] args)         {             Uri myuri = new Uri(spurl);             HttpRequestMessageProperty p = new HttpRequestMessageProperty();             CookieContainer cookie = GetAuthCookies(myuri, uname, pword);  
            string cookieHeader = cookie.GetCookieHeader(myuri);             p.Headers.Add("Cookie", cookieHeader);             using (ListsSoapClient proxy = new ListsSoapClient())             { 
                proxy.Endpoint.Address = new EndpointAddress(serviceadd);  
                using (new OperationContextScope(proxy.InnerChannel))                 { 
                    OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = p;                     XElement spLists = proxy.GetListCollection(); 
                    foreach (var el in spLists.Descendants())                     { 
                        foreach (var attrib in el.Attributes())                         {                             if (attrib.Name.LocalName.ToLower() == "title")                             {                                 System.Console.WriteLine("> " + attrib.Name + " = " + attrib.Value);                             }                         } 
                }                     } 
            }                 System.Console.ReadKey(); 
 
        }