ADO.NET Provider for SharePoint

Build 21.0.7930

Establishing a Connection

Connecting to SharePoint

Set the URL to a Site Collection to work with all Lists and Documents in the global Sharepoint site. Set the URL to a specific Site to work with Lists and Documents in that Site only.

URLExample URL
Sitehttps://teams.contoso.com/teamA or https://teamA.contoso.com
Site Collectionhttps://teams.contoso.com

In addition to providing the URL, use one of the following sets of connection properties to authenticate to SharePoint. The default values make it easy to connect in most environments, as shown below.

Authenticating to SharePoint Online

Set SharePointEdition to "SharePoint Online" and set the User and Password to the credentials you use to log onto SharePoint; for example, the credentials to your Microsoft Online Services account.

The following SSO (single sign-on) identity providers are also supported: ADFS, OneLogin, and OKTA. If the user account domain is different from the domain configured with the identity provider, set SSODomain to the domain configured with the identity provider. This property may be required for ADFS, OneLogin, and OKTA.

Authenticating with ADFS

Set the AuthScheme to ADFS. The following connection properties need to be set:

  • User: Set this to the ADFS user.
  • Password: Set this to ADFS password for the user.
  • SSODomain (optional): The domain configured with the ADFS identity provider.
Below is an example connection string:
AuthScheme=ADFS;User=ADFSUserName;Password=ADFSPassword;URL='http://sharepointserver/mysite';

Authenticating with Okta

Set the AuthScheme to Okta. The following connection properties are used to connect to Okta:

  • User: Set this to the Okta user.
  • Password: Set this to Okta password for the user.
  • SSODomain (optional): The domain configured with the OKTA identity provider.

The following is an example connection string:

AuthScheme=Okta;User=oktaUserName;Password=oktaPassword;URL='http://sharepointserver/mysite';

Authenticating with OneLogin

Set the AuthScheme to OneLogin. The following connection properties are used to connect to OneLogin:

  • User: Set this to the OneLogin user.
  • Password: Set this to OneLogin password for the user.
  • SSODomain (optional): The domain configured with the OneLogin identity provider.

The following is an example connection string:

AuthScheme=OneLogin;User=OneLoginUserName;Password=OneLoginPassword;URL='http://sharepointserver/mysite';

Authenticating with PingFederate

Set the AuthScheme to PingFederate. The following connection properties are used to connect to PingFederate:

  • User: Set this to the PingFederate user.
  • Password: Set this to PingFederate password for the user.
  • SSODomain (optional): The domain configured with the PingFederate identity provider.

The following is an example connection string:

AuthScheme=PingFederate;User=PingFederateUserName;Password=PingFederatePassword;URL='http://sharepointserver/mysite';

Authenticating using Azure Service Principal

Azure Service Principal is a connection type that goes through OAuth. Set your AuthScheme to AzureServicePrincipal and see Using Azure Service Principal Authentication for an authentication guide.

Authenticating with OAuthJWT Certificate Authentication

Set the AuthScheme to OAUTHJWT. The following connection properties are used to connect to OneLogin:

  • OAuthGrantType: Set this to REFRESH.
  • AzureTenant: Set this to the tenant you wish to connect to.
  • OAuthJWTCert: Set this to the JWT Certificate store.
  • OAuthJWTIssuer: Set this to the OAuth Client ID.
  • OAuthJWTCertType: Set this to the type of the certificate store specified by OAuthJWTCert.

Authenticating to SharePoint On Premises

Set SharePointEdition to "SharePoint OnPremise" to use the following authentication types.

  • Windows (NTLM)

    This is the most common authentication type. As such, the provider is preconfigured to use NTLM as the default; simply set the Windows User and Password to connect.

  • Authenticating with Kerberos

    Set the AuthScheme to NEGOTIATE. The following connection properties are used to connect with Kerberos:

    • KerberosKDC: Set this to the host name or IP Address of your Kerberos KDC machine.
    • KerberosSPN: Set this to the service and host of the SharePoint Kerberos Principal. This will be the value prior to the '@' symbol (for instance, MyService/MyHost) of the principal value (for instance, MyService/MyHost@EXAMPLE.COM).

    Please see Using Kerberos for details on how to authenticate with Kerberos.

  • Forms

    This allows authentication through a custom authentication method, instead of Active Directory. To use this authentication type, set AuthScheme to FORMS and set the User and Password.

  • Authenticating with ADFS

    Set the AuthScheme to ADFS. The following connection properties need to be set:

    • User: Set this to the ADFS user.
    • Password: Set this to ADFS password for the user.
    • SSOLoginUrl: Set this to the WS-trust endpoint of the ADFS server.
    The following SSOProperties are needed to authenticate to ADFS:
    • RelyingParty: The value of the relying party identifier on the ADFS server for Sharepoint.
    Below is an example connection string:
    AuthScheme=ADFS;User=ADFSUserName;Password=ADFSPassword;SSOLoginUrl='https://<authority>/adfs/services/trust/2005/usernamemixed';SSO Properties ='RelyingParty=urn:sharepoint:sp2016;';

  • Authenticating with Anonymous Access

    Set the AuthScheme to NONE along with the URL.

Authenticating using MSI Authentication

If you are running SharePoint on an Azure VM, you can leverage Managed Service Identity (MSI) credentials to connect:

  • AuthScheme: Set this to AzureMSI.

The MSI credentials will then be automatically obtained for authentication.

Copyright (c) 2021 CData Software, Inc. - All rights reserved.
Build 21.0.7930