SharePoint remarks - Authentication modes

Previous Top Next

We offer different authentication modes to login to your SharePoint (on-prem or online). In case that you notice something strange please contact us over support@replacemagic.com with description what you tried to do but also how your SharePoint is configured (MFA, SSO, ...).




Modes (Microsoft article "Plan for user authentication methods in SharePoint Server"):

  • Windows Authentication (NTML or Kerberos) - in most cases should be used for on-premise version of SharePoint (SharePoint 2010/2013/2016/2019)
  • SharePoint Online (Office 365) - should be used for SharePoint.Online systems where normally when you connect to it you type in your browser username and password. This mode will not work in case that you are using Multi-factor authentication meaning that beside username and password you also need to provide code which is usually sent over your mobile phone.
  • Anonymous - in case that you do not need to provide anything (username/password) to connect to your SharePoint use this mode.
  • Forms Based - might be used in case that you want to provide logon for Non-Active Directory users. This mode is used by SharePoint admins in case that they want to implement own authentication mechanism (user data are stored in separate database). More info in Microsoft article here.
  • Claims (ADFS) [BETA] - in case that you are using claims authentication inside your SharePoint setup you can try this option. Here you will need to provide information like ADFS Domain, STS endpoint URL and IDPLD.
  • ADFS SSO [BETA] - in case that your users do not need to provide username and password to logon to your SharePoint site(s) you can try Single-Sign-On (SSO) authentication mode.
  • Default Credentials [BETA] - this is mainly for on-premise versions of SharePoint where user credentials were already used and are stored in your Windows.
  • Web Logon - some companies are requiring from employees to use MFA mode or they are disabling legacy authentication mode which will enforce you to provide username and password and also, potentially, code that will be usually sent to your phone. To enable this we included browser-based authentication which will open browser window when you try to connect to SharePoint using this mode. In that browser window you'll have to provide username and password and if you did not authenticate yourself already over normal browser you will need to request and type back code sent to you. Second option when MFA is used is to create app-password which will allow ReplaceMagic to log to SharePoint without MFA. In that case you will need to use your normal username and as a password to enter app-password that you created. More details can be found here. Microsoft Information Protection is supported only with this authentication mode. WebLogon might not work if Microsoft Cloud Defender is setup (this will depend on your policies)
  • App-Only Authentication - SharePoint app-only authentication should work for SharePoint on-premise but also Online versions. To use it you will need to create Client/App ID and Client/App secret which will be used to connect to your SharePoint environment. During creation of ID and secret you'll have to set what permissions ReplaceMagic application will have. We recommend FullTrust as then ReplaceMagic should be able to keep document metadata. More information about App-Only authentication can be found here.


Remark: coding in case of [BETA] modes is done without possibility to make testing. In case of issues please let us know and we can work with you to find way to use one of non-beta modes. In case that after using some of BETA modes you were able to connect to your SharePoint and "Scan Document" and "Search & Replace" processes worked (you could see list of documents in selected location (scan documents) and changes done (search & replace) were saved) mode worked for you.