Apr 17 2019 06:42 AM
I am developing a solution which is multi-tenant. Basically, in the application I can register tenants with a username and password. I save the password in Azure Key Vault securely, and from my point of view it's secure enough, as I am not storing passwords anywhere else and only the app itself can read passwords to execute tenant operations, like creation of communication sites, modern sites, etc.
I analyzed the code of PnP-PowerShell a bit, and the credentials are actually saved into the Windows Credential Manager.
Almost a year ago I wanted to do this solution with App-Only, but there is no API for creating modern sites with App-Only. That's why I chose to do it as explained above. There is a UserVoice for this:
Analyzing the AuthenticationManager, I see there are some methods that don't use username and password but instead use certificates and return a ClientContext.
Specifically this: GetHighTrustCertificateAppOnlyAuthenticatedContext
Will this method allow creation of modern sites, or does it also have the same restriction as App-Only? Is there any other way that I can access other tenants via CODE without actually having their username and password stored in my design?
App-Only would be ideal but it's still not implemented.
Apr 17 2019 03:49 PM
You can use the Graph API and create an O365 Group.
https://docs.microsoft.com/en-us/graph/api/group-post-groups?view=graph-rest-1.0 Application is supported, with the Group.ReadWrite.All permission on your Azure Active Directory Application.
Here you can find the reference: https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/modern-experience-customizations-p...
I suggest you use Graph directly, because TeamSiteCollectionCreationInformation and the PnP CSOM Core component, in my experience, have some bugs, but feel free to use them, maybe in your case they work well :)
Cheers,
Federico
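The app-only approach suggested in the reply above, sketched as an added example that is not part of the original thread: the application authenticates with its own credential through the OAuth 2.0 client-credentials grant and calls `POST /groups`, so no tenant user's password is stored or sent. The function names, the `send` transport parameter and the use of a client secret (a certificate-based client assertion could be used instead) are assumptions of this sketch, and the app registration is assumed to hold the Group.ReadWrite.All application permission with admin consent in the target tenant.

```python
import json
import urllib.parse
import urllib.request

TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"
GROUPS_URL = "https://graph.microsoft.com/v1.0/groups"


def http_send(req):
    """Default transport: perform the HTTPS call and decode the JSON reply."""
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def token_request(tenant_id, client_id, client_secret):
    """Client-credentials grant: the app signs in as itself, with no user password."""
    form = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,  # the app's own credential, e.g. read from Key Vault
        "scope": "https://graph.microsoft.com/.default",
    }).encode()
    # Quote the tenant id so a malformed value cannot alter the URL path.
    url = TOKEN_URL.format(tenant=urllib.parse.quote(tenant_id, safe=""))
    return urllib.request.Request(url, data=form, method="POST")


def group_request(access_token, display_name, mail_nickname):
    """POST /groups body for a Microsoft 365 ("Unified") group."""
    body = {
        "displayName": display_name,
        "mailNickname": mail_nickname,
        "mailEnabled": True,
        "securityEnabled": False,
        "groupTypes": ["Unified"],
    }
    headers = {"Authorization": "Bearer " + access_token,
               "Content-Type": "application/json"}
    return urllib.request.Request(GROUPS_URL, data=json.dumps(body).encode(),
                                  headers=headers, method="POST")


def create_group(tenant_id, client_id, client_secret, display_name,
                 mail_nickname, send=http_send):
    """Get an app-only token for one tenant, then create the group in it."""
    token = send(token_request(tenant_id, client_id, client_secret))["access_token"]
    return send(group_request(token, display_name, mail_nickname))
```

Passing a stub as `send` exercises the flow offline; with the default transport the same call runs against the tenant whose ID is supplied.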
Apr 17 2019 11:16 PM
May 02 2019 04:11 AM
Would love it if somebody from Microsoft could tell us something here.
May 06 2020 10:25 PM
@Luis Valencia: You can create team sites without a group using an app-only context. Please find the link below, which may be useful for you:
https://docs.microsoft.com/en-us/sharepoint/dev/apis/site-creation-rest