Forum Discussion
SharePoint App-Only authentication security risks
I am assessing the security risks associated with older SharePoint App-Only authentication method. As per my analysis, this method is less secure than using the Azure AD App Registrations. Both S...
Hi Gurdev,
Azure AD app registrations using certificates is what you should be looking at as this is the recommended way of connecting to SharePoint as an app.
https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread?WT.mc_id=M365-MVP-5003471
Azure AD app registrations using certificates is what you should be looking at as this is the recommended way of connecting to SharePoint as an app.
https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread?WT.mc_id=M365-MVP-5003471
Thanks Joel...yeah, totally understand the recommendation that certificates with Azure AD are the most secure method. However, in our case, the solution requires usage of SharePoint APIs that are not supported with Azure AD App Only. My job is to determine the security risks in allowing the SharePoint App-Only method and hence my original post.