Microsoft Modern Authentication - SSO
In some company, getting application level permissions might be hard to do due to security reason. Within those environment, setting up a job that runs periodically could be difficult. One of the way to do it is to make sure your job running account has enough permissions and you have a SPN with enough delegated permissions. The below code show how to use the logged in account to get access token for SharePoint scope. public async Task<string> GetSSOUserAccessToken(Uri spSiteUrl) { var _clientId = ""; var _tenantId = ""; var _scheme = siteUrl.Scheme; var _hostUrl = siteUrl.host; var _scope = "AllSites.FullControl"; string[] _scopes = new string[] {string.Format("{0}://{1}/{2}", _schem, _hostUrl, _scope); var authority = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/", "https://login.microsoftonline.com", _tenantId); try { IPublicClientApplication app = PublicClientApplicationBuilder.Create(_clientId).WithAu