{"id":17843,"library":"node-sp-auth","title":"SharePoint Unattended HTTP Authentication","description":"node-sp-auth is a JavaScript/TypeScript library designed for performing unattended (non-interactive) HTTP authentication against SharePoint environments, supporting SharePoint 2013 and newer, as well as SharePoint Online. It automatically determines the appropriate authentication strategy (e.g., NTLM, FBA, SAML, ADFS, Add-in only) based on provided credentials and handles credential caching for performance. The current stable version is 3.0.9. However, the package is no longer actively maintained, with no new features or versions expected. Developers are strongly advised to migrate to `@azure/msal-node` for modern SharePoint Online authentication, especially as some authentication methods, particularly those relying on the SharePoint Add-in model, will cease to function after April 2026 due to Microsoft's retirement of Azure ACS and the Add-in model.","status":"deprecated","version":"3.0.9","language":"javascript","source_language":"en","source_url":"git://github.com/s-KaiNet/node-sp-auth","tags":["javascript","sharepoint","authentication","nodejs","saml","oauth","adfs","typescript"],"install":[{"cmd":"npm install node-sp-auth","lang":"bash","label":"npm"},{"cmd":"yarn add node-sp-auth","lang":"bash","label":"yarn"},{"cmd":"pnpm add node-sp-auth","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Commonly used HTTP client for making requests after obtaining authentication headers. Not a direct peer dependency, but essential for practical usage.","package":"request-promise","optional":true}],"imports":[{"note":"The library primarily exports a namespace object containing the `getAuth` method.","wrong":"import spauth from 'node-sp-auth';","symbol":"spauth","correct":"import * as spauth from 'node-sp-auth';"},{"note":"While `getAuth` is the primary function, it's typically accessed as a member of the `spauth` namespace object, not as a direct named export.","wrong":"import { getAuth } from 'node-sp-auth';","symbol":"getAuth","correct":"import * as spauth from 'node-sp-auth';\nconst authOptions = await spauth.getAuth(url, credentials);"},{"note":"For CommonJS, the entire module is imported as an object containing `getAuth`.","wrong":"const { getAuth } = require('node-sp-auth');","symbol":"spauth (CommonJS)","correct":"const spauth = require('node-sp-auth');"}],"quickstart":{"code":"import * as spauth from 'node-sp-auth';\nimport * as request from 'request-promise'; // Ensure request-promise is installed\n\nasync function authenticateAndFetch() {\n  const url = process.env.SP_SITE_URL ?? 'https://yourtenant.sharepoint.com/sites/dev';\n  const username = process.env.SP_USERNAME ?? '';\n  const password = process.env.SP_PASSWORD ?? '';\n\n  if (!username || !password) {\n    console.warn(\"SP_USERNAME or SP_PASSWORD environment variables are not set. This example might fail without proper credentials.\");\n  }\n\n  const credentialOptions = {\n    username: username,\n    password: password\n    // Add other credential options (e.g., tenant ID, client ID, client secret) as needed\n    // for specific authentication types like SAML or ADFS.\n  };\n\n  try {\n    const authResult = await spauth.getAuth(url, credentialOptions);\n\n    const headers = authResult.headers;\n    headers['Accept'] = 'application/json;odata=verbose';\n\n    console.log('Authentication successful. Making request...');\n\n    const response = await request.get({\n      url: `${url}/_api/web`,\n      headers: headers,\n      // IMPORTANT: For NTLM authentication, pass the 'agent' property if it exists\n      agent: authResult.options?.agent\n    });\n\n    console.log('Successfully fetched web data:');\n    console.log(JSON.parse(response));\n\n  } catch (error) {\n    console.error('Authentication or request failed:', error);\n  }\n}\n\nauthenticateAndFetch();","lang":"typescript","description":"This example demonstrates how to use `node-sp-auth` to obtain authentication headers for a SharePoint site and then use them with `request-promise` to fetch data from the SharePoint REST API."},"warnings":[{"fix":"Developers are strongly encouraged to migrate to modern, actively maintained alternatives like `@azure/msal-node` for SharePoint Online authentication or evaluate other solutions for on-premises SharePoint.","message":"The `node-sp-auth` package is no longer actively maintained by its author. No new features or versions are expected. Development is primarily limited to community-contributed PRs.","severity":"deprecated","affected_versions":">=3.0.0"},{"fix":"Review your authentication strategy immediately. Migrate to modern SharePoint Online authentication flows (e.g., client credentials, device code flow) using `@azure/msal-node` or other Microsoft-recommended libraries. Consult official SharePoint documentation for updated guidance.","message":"Some authentication methods, particularly those relying on the SharePoint Add-in model and Azure ACS, will cease to function after April 2026 due to Microsoft's retirement of these services. This will directly impact `node-sp-auth` users relying on these specific flows.","severity":"breaking","affected_versions":">=3.0.0"},{"fix":"Ensure your HTTP client (e.g., `request-promise`, `axios`) is configured to use the `agent` property provided by `node-sp-auth` for all requests requiring NTLM. For `request-promise`, this is done via the `agent` option in the request configuration.","message":"For SharePoint on-premise NTLM authentication, the `getAuth` method might return an `agent` property within the `options` object (i.e., `authResult.options.agent`). This custom HTTP agent *must* be passed to the underlying HTTP client for successful authentication; otherwise, requests will fail.","severity":"gotcha","affected_versions":">=1.0.0"}],"env_vars":null,"last_verified":"2026-04-23T00:00:00.000Z","next_check":"2026-07-22T00:00:00.000Z","problems":[{"fix":"Update your authentication strategy to use modern flows supported by `@azure/msal-node`, such as client credentials or device code flow, for SharePoint Online.","cause":"Attempting to use SharePoint Add-in based authentication methods after April 2026, which are deprecated and will be retired by Microsoft.","error":"Access denied. You do not have permission to perform this action or access this resource."},{"fix":"When using `request-promise` or similar, ensure the `agent` property from `authResult.options.agent` is included in your request configuration object.","cause":"For SharePoint on-premise NTLM, the custom HTTP `agent` provided by `node-sp-auth` was not correctly passed to the HTTP client making the request.","error":"Error: NTLM authentication failed: unable to negotiate"},{"fix":"Carefully review the `credentialOptions` object structure and values against the `node-sp-auth` Wiki for the specific authentication strategy (e.g., SAML, FBA, NTLM) you are attempting to use. Verify usernames, passwords, client IDs, and secrets.","cause":"Incorrect or malformed `credentialOptions` object provided to `spauth.getAuth()`, or the credentials themselves are invalid.","error":"Could not authenticate to SharePoint. Invalid credentials provided."}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}