Monday 13 July 2020

This article clearly outlines what the prefered Microsoft approach is with respect to authentication within SharePoint Online....that being to use "Azure AD application registration".

(Over "SharePoint App only" or any of the legacy approaches using user names and passwords from key vaults or config files)

One further point to note to perhaps the less experienced out there, is that you must always consider your customer. Just because microsoft have a new way of doing it, that doesnt mean that the customer estate will want you to use that approach. Its important to run these sorts of things past the customer before you build it negate the risk of reengineering it in the future. Obvsiouly you will present the most modern approach but perhaps there are limitations as to why they cant do it. :) https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly