I'm trying to follow the instructions on https://github.com/OfficeDev/PnP/tree/master/Samples/Core.CloudServices in order to set up a web service than can talk to an Office 365 tenant. I'm trying to follow the instructions there, but I am using Visual Studio 2015 and the instructions seem to be only partially updated for 2015. Either that or I don't have a Visual Studio component set up correctly. Specifically, I get to the step where it says to click on the "Convert to App for SharePoint Project" sub-menu item of the "Convert" menu item in the context menu on the web role project. However, I don't have a "Convert" menu item. Is this something that changed in VS2015 or am I missing a VS2015 component? If it's changed in VS2015, what's the new way to do this? VesaJuvonen, you made the last updates to the Readme 17 days ago. Can you please tell me what I am doing wrong?Thanks!

Hi Michael, If your main interest is understanding how to authenticate using "app-only" with Azure AD then I would recommend checking this web cast: https://channel9.msdn.com/blogs/OfficeDevPnP/PnP-Web-Cast-Introduction-to-Authentication-Manager-in-PnP-Core-Library. The PnP core library has classes that make it easy to do what you want.

You can for example follow the guidance from PnP Partner Pack (starter kit for partners) at https://github.com/OfficeDev/PnP-Partner-Pack/blob/master/Documentation/Manual-Setup-Guide.md for enabling app-only with Azure. You'll need to do few steps, but the PnP Partner Pack documentation is great step-by-step process on doing required steps.

Bert,Thank you! That video helped a lot. After watching that, I figured out that once I added the SharePointPnPCoreOnline nuget package to my web service, I could use AuthenticationManager.GetAzureADAppOnlyAuthenticatedContext(...) to get a ClientContext. A question about that method. I uploaded the certificate to the web service by adding it to the SSL section of its configuration web page in Azure (in the new portal). To reference that certificate, since I don't know what the file path is, I can reference it from the certificate store, right? So my call looks like GetAzureADAppOnlyAuthenticatedContext(urlToTeamSite, ClientID,"mytenant.onmicrosoft.com", StoreName.My, StoreLocation.LocalMachine, PfxThumb);. Is the Certificate store name and location the correct enum values? Also, is the siteURL, the URL of a specific team site, or the site collection's root site? In other words, is it https://tenant.sharepoint.com/sites/sitecollectionrootsite, or can it be https://tenant.sharepoint.com/sites/sitecollectionrootsite/subsiteX/subsiteY? Thanks,Michael

Hi Michael, You create a clientcontext for the site you need, if that's a sub site you want to work against then you should create the clientcontext using the sub site url. Regarding the certificate: it's up your implementation to handle this, storing it in the local machine certificate store is definitely a valid option.

This is an old sample created back in the days when Azure Web Apps and Web Jobs were not yet well developed and broadly used. Nowadays I would recommend using Azure Web Apps instead of a web role and Azure Web Jobs instead of worker roles...when you do there's no additional plumbing you need to do to make it work with Azure.

PnP Sample Core.CloudService problem | Microsoft Community Hub

BertJansen
Microsoft
Aug 25, 2016
This is an old sample created back in the days when Azure Web Apps and Web Jobs were not yet well developed and broadly used. Nowadays I would recommend using Azure Web Apps instead of a web role and Azure Web Jobs instead of worker roles...when you do there's no additional plumbing you need to do to make it work with Azure.
VesaJuvonen
Microsoft
Aug 26, 2016
Like Bert mentioned, we do recommend using WebJobs or WebAPIs / web services to talk to Office 365 nowadays. You do not need to go through this level of setup due these enhanced capabilities in Azure. If you are just trying to have a web service, whcih talks to Azure, you can simply implement it for example as a WebAPI, whcih then uses app-only permissions to gain access to SharePoint.

Happy to provided additional details, if you specificy the needed scenario.
Michael Blumenthal
MVP
Aug 31, 2016
OK, now I have a WebApi Azure web app, and I have registered it in Azure AD. I have a client ID and client secret. I plan to use app-only authentication, not user authentication. I want to follow the process described in https://graph.microsoft.io/en-us/docs/authorization/app_only. I assume I am not the first person to do this. Is there sample code in C# that implements the process described in that article? My webservice is being called with a parameter that is the ID of an email message. I want to use the Graph API for emails to get the subject and attachment from the message whose ID was passed in.
- VesaJuvonen
  Microsoft
  Sep 01, 2016
  You can for example follow the guidance from PnP Partner Pack (starter kit for partners) at https://github.com/OfficeDev/PnP-Partner-Pack/blob/master/Documentation/Manual-Setup-Guide.md for enabling app-only with Azure. You'll need to do few steps, but the PnP Partner Pack documentation is great step-by-step process on doing required steps.
  - Michael Blumenthal
    MVP
    Sep 01, 2016
    Vesa,
    Thank you. I followed the Partner Pack instructions at https://github.com/OfficeDev/PnP-Partner-Pack/blob/master/Documentation/Manual-Setup-Guide.md. There were a few things I ran into:
    The documentation uses screen shots and instructions for the old azure portal. I had to use manage.windowsazure.com to upload the certificate and set the app setting. I couldn't figure out where to do that in portal.azure.com. It would be great if the docs could be updated to reflect using the current Azure Portal.
    When I needed to add the Key Credentials to the manifest json file, I got an error, as described here: https://social.msdn.microsoft.com/Forums/azure/en-US/7c8bc608-7e9e-4075-9a18-1982ad4679c4/unable-to-upload-application-manifest-file?forum=WindowsAzureAD#8fa9e6cb-84c6-454a-9f4f-d825738e0a1f . As you can see, my fix was to upload a version of the manifest where I had the keyCredentials cleared out, then upload one where it was set.
    Also, the instructions in the Partner Pack contain the sentence:"There, you will have to configure a setting called WEBSITE_LOAD_CERTIFICATES with a value of ***. " Given the associated picture, I believe the sentence should end with quote-star-quote ("*") instead of star-star-star (***).
    Hope that helps other people.
    Now I still have to write the code that gets the token and uses it to talks to the O365 APIs that I am interested in.
    
    VesaJuvonen wrote:
    You can for example follow the guidance from PnP Partner Pack (starter kit for partners) at https://github.com/OfficeDev/PnP-Partner-Pack/blob/master/Documentation/Manual-Setup-Guide.md for enabling app-only with Azure. You'll need to do few steps, but the PnP Partner Pack documentation is great step-by-step process on doing required steps.

Forum Discussion

PnP Sample Core.CloudService problem