Remote event receiver authentication

1
votes

I have Office365 subscription (sharepoint online) and azure subscription. I'm hosting web service in the azure. There is remote event receiver inside of the web service which triggers on some event in my sharepoint online subscription. Everything is working fine, but there is one problem: I have no idea how to put some authentication on my remote event receiver because right now it public without any authorization.

Is there any way to add auhtorization? Like for example:

https://blabla.azurewebsites.net/webservicename.svc?password=xxx?login=yyy

1
azuresharepoint
Have you tried to connect your Azure subscription to the O365 Azure AD? Then at least the identities in O365 will be available in Azure. But I don't know what account identity SharePoint Online use when issuing the remote event to your web service. But it could be worth a try. - Mattias Lindberg

1 Answers

0
votes

But why do you need it? From what I understand you have a SPRemoteEventReceiver, right? And you are triggering the event sending to the receiver a SPRemoteEventProperties object. Without this object, no one can use your service, and this object has the context token and the correlation ID, so it is pretty safe.