How to authenticate with SharePoint Online for a PHP app?
SharePoint Online (SPO) supports claims based authentication.
The below picture demonstrates how authentication is performed in SPO:
According to this post the authentication process consists of the following steps:
Steps:
- Send SAML Request to STS
- Receive SAML Response
- Send the Security Token to SharePoint Online
- Receive the authentication cookies
- Send requests including authentication cookies
phpSPO - SharePoint client for PHP supports SPO authentication.
The library provides a SharePoint Online (SPO) client for PHPapplications. It allows you to performs CRUD operations on SharePointdata using an SharePoint 2013 REST/OData based API.
Examples
How to perform authentication in SharePoint Online (SPO):
try { $client = new SPOClient($url); $client->signIn($username,$password); echo 'You have authenticated successfully\n';}catch (Exception $e) { echo 'Authentication failed: ', $e->getMessage(), "\n";}The following examples demonstrates how to perform CRUD operations on SharePoint list data:
<?php require_once 'SPOClient.php'; $username = 'username@tenant.onmicrosoft.com';$password = 'password';$url = "https://tenant.sharepoint.com/"; $client = new SPOClient($url);$client->signIn($username,$password); //Get Tasks list$listTitle = 'Tasks';$list = $client->getList($listTitle); //Create a Task item$itemProperties = array('Title' => 'Order Approval', 'Body' => 'Order approval task');$taskItem = $list->addItem($itemProperties);print "Task '{$taskItem->Title}' has been created succesfully.\r\n"; $itemId = $taskItem->Id;//Update a Task item$itemProperties = array('PercentComplete' => 1);$list->updateItem($itemId,$itemProperties); //Delete a Task item$list->deleteItem($itemId); ?>References
Not sure if you still need help on this - Sharepoint is usually set to sync up with Active directory (AD/LDAP). So really if you have users that use sharepoint AND are being internally authenticated in their company via their Active directory login, then what you may want to look at is authenticating your app against LDAP (and use the email address or domain id as the username)
Here is some more info on that:Authenticating in PHP using LDAP through Active Directory