Authenticating to SharePoint Online site using CSOM

New Contributor



We have federated authentiation in our org and i am trying to connect to SharePoint site using CSOM with SharePoint Online credentials but getting an error. Here is the error message;

Microsoft.SharePoint.Client.IdcrlException: The partner returned a bad sign-in name or password error. For more information, see Federation Error-handling Scenarios. Anyone know a solution to this problem.

8 Replies
best response

I've seen this error more than once. In most cases I just typed username / password wrong. Federated authentication should not be a problem but have you considered using App Credentials also? Are you using Multi-factor authentication? 


PnP's AuthenticationManager Class provides some usefull utility methods to obtain an authenticated context in different ways. Could you try using GetWebLoginClientContext  for getting an authenticated context?



It looks like we are facing a similar issue, but have asked in different parts of the forum.

I'll let know if I find anything.


Thanks Chris, i am glad that i am not the only one with this issue.


Connecting to SharePoint Online using PnP PowerShell Connect-PnPOnline allows you to specify a UseWebLogin parameter. This allows you to connect with MFA enabled. Once connected you'd have many more cmdlets at your disposal


Hope this helps!

Thanks Chris and Paul, i finally able to connect to SP Online site using OfficeDevPnP (


Thanks a lot, it works well for us. 

Here same problem. Federation with MFA, with digital key. So no more UN and PWD.


login with pnp-online works because I can user -weblogin.


But for some parts of my scripting I need CSOM. And the login for CSOM is with UN and PWD and I can't find a way to login with weblogin.



This is the code I used for CSOM-login which doesn't work anymore.

function Connect-CSOM($siteURL)
    Add-Type -Path ".\Microsoft.SharePoint.Client.dll"
    Add-Type -Path ".\Microsoft.SharePoint.Client.Runtime.dll"

    $adminAccount = "*******************"
    $adminPassword = ConvertTo-SecureString "***********" -AsPlainText -Force
    $cred = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist $adminAccount, $adminPassword

    #$cred= Get-Credential
    $credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($cred.Username, $cred.Password)

    $script:contextWeb = New-Object Microsoft.SharePoint.Client.ClientContext($siteURL)
    $script:contextWeb.Credentials = $credentials




I have another issue, if customer using certificate for select the digital key. How could we skip it using SharePoint online CSOM sdk ?