Overview

🔐 SharePoint authentication strategies implemented in Gosip

Authentication strategies

Auth strategy should be selected corresponding to your SharePoint environment and its configuration.

Import path strategy "github.com/koltyakov/gosip/auth/{strategy}". Where /{strategy} stands for a strategy auth package.

Strategy path

SPO

On-Prem

Credentials sample(s)

/saml

✅

❌

​sample​

/addin

✅

❌

​sample​

/ntlm

❌

✅

​sample​

/adfs

✅

✅

​spo, on-prem, on-prem (wap)​

/fba

❌

✅

​sample​

/tmg

❌

✅

​sample​

JSON and struct representations are different in terms of language notations. So credentials parameters names in private.json files and declared as structs initiators vary.

Additional strategies

Gosip supports custom (ad hoc) strategies. Some worthy are boiled in the Sandbox to be added later on to the main package in a case of the demand.

Strategy name

SPO

On-Prem

Credentials sample(s)

Azure AD Auth

✅

❌

​device, certificate​

On-Demand

✅

✅

​sample​

Alternative NTLM

❌

✅

​see more​

Dynamic auth (helper)

✅

✅

​see more​

Secrets encoding

When storing credential in local private.json files, which can be handy in local development scenarios, we strongly recommend to encode secrets such as password or clientSecret using cpass. Cpass converts a secret to an encrypted representation which can only be decrypted on the same machine where it was generated. This minimize incidental leaks, i.e. with git commits.