Awesome
node-sp-auth - nodejs to SharePoint unattended http authentication
[!CAUTION]
I don't use this module for many years and don't have time to actively maintain it. Thus no new versions are expected and no new features. Only your PR requests, if they are valid.
Also, with Azure ACS and SharePoint Add-in model retirement some authentication methods for SharePoint Online will stop working after April, 2026.
I strongly recommend to use msal-node for authentication purposes.
node-sp-auth
allows you to perform SharePoint unattended (without user interaction) http authentication with nodejs using different authentication techniques. node-sp-auth
also takes care about caching authentication data for performance (no need for you to think about how long authentication will be available, that's a task for node-sp-auth
, as soon as authentication will be expired, node-sp-auth
will renew it internally).
Versions supported:
- SharePoint 2013 and onwards
- SharePoint Online
Authentication options:
- SharePoint 2013 and onwards:
- Addin only permissions
- User credentials through the http ntlm handshake
- Form-based authentication (FBA)
- Forefront TMG authentication
- SharePoint Online:
- Addin only permissions
- SAML based with user credentials
- ADFS user credentials (works with both SharePoint on-premise and Online)
- On demand authentication. Uses interactive browser session for asking credentials. Supports third-party authentication providers for SharePoint Online and SharePoint on-premise. Doesn't support integrated windows authentication (NTLM).
Wiki contains detailed steps you need to perform in order to use any of authentication options as well as sample using.
How to use
Install
npm install node-sp-auth --save-dev
Create authentication headers and perform http request
import * as spauth from 'node-sp-auth';
import * as request from 'request-promise';
//get auth options
spauth.getAuth(url, credentialOptions)
.then(options => {
//perform request with any http-enabled library (request-promise in a sample below):
let headers = options.headers;
headers['Accept'] = 'application/json;odata=verbose';
request.get({
url: 'https://[your tenant].sharepoint.com/sites/dev/_api/web',
headers: headers
}).then(response => {
//process data
});
});
API
getAuth(url, credentialOptions)
return value
Promise resolving into object with following properties:
headers
- http headers (normally containAuthorization
header, may contain any other heraders as well)options
- any additional options you may need to include for succesful request. For example, in case of on premise user credentials authentication, you need to setagent
property on corresponding http client
params
url
- required, string, url to SharePoint site,https://sp2013/sites/dev/
orhttps://[your tenant].sharepoint.com/sites/dev/
credentialOptions
- optional, object in a form of key-value. Each authentication option requires predefined credential object, depending on authentication type. Based on credentials provided,node-sp-auth
automatically determines which authentication strategy to use (strategies listed in the top of the readme file).
Possible values for credentialOptions
(depending on authentication strategy):
-
SharePoint on premise (2013, 2016):
- Addin only permissions:
clientId
,issuerId
,realm
,rsaPrivateKeyPath
,shaThumbprint
- User credentials through the http ntlm handshake:
username
,password
,domain
,workstation
- User credentials for form-based authentication (FBA):
username
,password
,fba
= true - User credentials for Forefront TMG (reverse proxy):
username
,password
,tmg
= true
- Addin only permissions:
-
SharePoint Online:
- Addin only permissions:
clientId
,clientSecret
- SAML based with user credentials
username
,password
,online
- Addin only permissions:
-
ADFS user credentials:
username
,password
,relyingParty
,adfsUrl
,adfsCookie
-
On demand authentication
ondemand
= true,electron
,force
,persist
,ttl
-
no authentication - do not provide any authentication data at all, like
spauth.getAuth(url).then(...)
. In that casenode-sp-auth
will ask you for the site url and credentials. You will have to select any of the credential options listed above. Credentials will be stored in a user folder in an encrypted manner.
Credits: Andrew Koltyakov @koltyakov and his awesome node-sp-auth-config
Please, use Wiki to see how you can configure your environment in order to use any of this authentication options.
setup(configuration)
params
configuration
- object accepting some configuration values for node-sp-auth. Currently it supports only configuration of underlinerequest
module via providing below code (for options available consider request repository):
spauth.setup({
requestOptions: {... request options object}
});
Development
I recommend using VS Code for development. Repository already contains some settings for VS Code editor.
Before creating Pull Request you need to create an appropriate issue and reference it from PR.
git clone https://github.com/s-KaiNet/node-sp-auth.git
npm run build
- runs linting and typescript compilationnpm run dev
- setup watchers and automatically runs typescript compilation, tslint and tests when you save files
Integration testing
- Rename file
/test/integration/config.sample.ts
toconfig.ts
. - Update information in
config.ts
with appropriate values (urls, credentials). - Run
npm run test:integration
. - For tests debugging put a breakpoint and press F5 (works in VSCode only).