No one has responded to this discussion for at least a year, so this information may be out of date. If you're looking for information about this topic, please search for a more recent discussion or post a new question.

Client Object Model

This question has suggested answer(s) This question has suggested answer(s)


i try to get some Data from the SharePoint Online "Office365" Beta with the Client Object Model. I use an Sample from the MSDN but i always get the Error

"Server was unable to process request. ---> The server was unable to process the request due to an internal error. ...." in Visual Studio 2010.

Following the Code Snip:


  ClientContext clientContext = new ClientContext("");

      clientContext.AuthenticationMode = ClientAuthenticationMode.FormsAuthentication;
      clientContext.FormsAuthenticationLoginInfo = new FormsAuthenticationLoginInfo("USER", "PASS");

      Web web = clientContext.Web;
      ListCollection allLists = web.Lists;


      Console.WriteLine("{0} ({1})", web.Title, web.Description);

      foreach (List list in allLists)
        Console.WriteLine("{0} ({1})", list.Title, list.BaseType);

All Replies
  • Hi MartinL,

    Please post this over in the MSDN forum for help. Here is the link:


  • This is kind of comical because I found a post about using the Client Object model with Office365 in the technet forums from someone that I assume is the same MartinL.  The response was that the question should be posted in Office 365 beta forum.  Now in the beta form the suggestion is to post the question to MSDN.  

    Anyway, Martin – any luck finding an answer to your question?  I am having the same problem trying to use the Client Object Model with Office365.

  • Hi MartinL,

    The client object model is supported in Office 365 (GA) but we have not been able to confirm if it is available in Office 365 Beta, most likely not. What you can do at this point is check out our Sharepoint Online Customizations Webcast found here:

    If you have a Microsoft TAP to contact, that would be a good place to start as well.

    Lastly, if you absolutely need a confirmed answer for Beta, you can call Office 365 Support and ask to have them open an escalation to the MS Sharepoint Online Team and get an official answer.


  • I have similar problems with the Client Object Model. I think the root of the problem is the authentication web service (authentication.asmx) which is used when form authentication is set for the ClientContext.

    I tried also calling directly the authentication web service and got back 404 (Not Found) respond when I try to invoke the Login function.

    Probably the authentication.asmx is disabled in the beta. This means there is no way to use any of the remote API of Office 365 SharePoint?

  • Same here, just checked and authentication web service (/_vti_bin/authentication.asmx) is not available / blocked so no remote API access in the beta.

  • I have been able to get the Client Object Model to return information from an Office 365 site.  But there is one huge hurdle to still overcome.  Below is the code used to work with Office 365 and the Client Object Model.

     private void GetLists()
                   ClientContext context = new ClientContext(_uri);

                    context .Credentials = CredentialCache.DefaultCredentials;

                    context .ExecutingWebRequest += new EventHandler<WebRequestEventArgs>(ctx_ExecutingWebRequest);

                    Web w = context .Web;

                    var lists = context .LoadQuery(w.Lists);

                    context .ExecuteQuery(); 

            void ctx_ExecutingWebRequest(object sender, WebRequestEventArgs e)

                    CookieContainer cc = new CookieContainer();
                    cc.SetCookies(new Uri(_uri), "FedAuth=77u/PD94bWwgdmVyhcmVwb2ludC5jb20vTQ8UD4=; expires=Tue, 04-Jan-2011 02:37:12 GMT; path=/; HttpOnly");
                    e.WebRequestExecutor.WebRequest.CookieContainer = cc;

    Notice that I am setting the "FedAuth" cookie with a string(I shortened the string to improve clarity).  Well this is the cookie that used to authenticate with my Office 365 Site.  Here is where I have my dillema.  I was able to get this cookie by using Fiddler.  Notice that the cookie is an HttpOnly, this means that you are not able to get it out of a cookie container.  So I decided to see how Office was working.  I copied the URL of a document that i have uploaded to SharePoint into the file open of Word.  Much to my suprise it opened a dialog similar to the BrowserControl in Windows Forms.  It redirected the browser to  Once you enter your credentials, it opens the document just fine.  I tried to simulate the behavior in code, by using a WebBrowser control in windows forms.  The problem is that the WebBrowser Control does not give you access to the COokie Container, or Cookie Collection. all it gives you is a WebBrowser.Document.Cookie.  This is a semicolon delimited string, which does not show any cookies that are Http Only.  So if someone could post on here how to get the Fed Auth Cookie from the Live ID STS programmatically, we should be able to have this problem solved.


  • @Brad Porter, simply put you should't be putting FEDAUTH security token via code, its the authentication service that returns a FEDAUTH security token. For every subsequent request the security token is passed to the server. The sever verifies the token and returns the requested resource/service. So by simply passing the token in each call will do the trick. I done something similar but for Azure services while using browser control from Windows Phone 7 and it seems to me that authenication flow is kind of similar. The process is available at  

  • Well obviously you would never be able to actually see the FedAuth cookie but rather take the cookie container it is in set the e.WebRequestExecutor.WebRequest.CookieContainer = the cookiecontainer which contains the fedauth cookie.

  • Using the code below I succeed to read the "FedAuth" cookie that was stored by IE. After logging in to the SharePoint site, the cookie is valid for about 10 hours.

    Now if we can programmatically open IE and pre-authenticate with it, similar to what was suggested in an earlier post, then we can "push" the “FedAuth” cookie to the Client Object Model API or Web Service.
    Note that using the Microsoft.Http.Headers.Cookie class is not necessary, the result cookie can be parsed then  it can be replaced by System.Net.Cookie.


     [DllImport("wininet.dll", CharSet = CharSet.Auto, SetLastError = true)]

            protected static extern bool InternetGetCookieEx(string url, string name, StringBuilder cookieData, ref int length, int flags, IntPtr zero);



            public static Microsoft.Http.Headers.Cookie GetCookie(string url, string name)


                int INTERNET_COOKIE_HTTPONLY = 0x00002000;


                int dataSize = 100000;

                StringBuilder cookieBuffer = new StringBuilder(dataSize);

                bool bSuccess = InternetGetCookieEx(url, name, cookieBuffer, ref dataSize, INTERNET_COOKIE_HTTPONLY, IntPtr.Zero);

                if (!bSuccess)


                    Int32 err = Marshal.GetLastWin32Error();      //log err

                    throw new Win32Exception(err);




                if (cookieBuffer != null && (cookieBuffer.Length > 0))


                    Microsoft.Http.Headers.Cookie cookie = Microsoft.Http.Headers.Cookie.Parse(cookieBuffer.ToString());               

                    return cookie;



                return null;


  • Here's the code snippet of talking to sharepointonline via client object model if you're already logged in using browser. 

    You can do additional exception handling to check on null cookie. 

            string _url = "{your sharepoint site url}";

            private void GetLists()


                ClientContext context = new ClientContext(_url);

                context.Credentials = CredentialCache.DefaultCredentials;

                context.ExecutingWebRequest += new EventHandler<WebRequestEventArgs>(ctx_ExecutingWebRequest);

                Web w = context.Web;

                var lists = context.LoadQuery(w.Lists);



            void ctx_ExecutingWebRequest(object sender, WebRequestEventArgs e)


                CookieContainer cc = new CookieContainer();

                cc.SetCookies(new Uri(_url), GetCookieString()); 

                e.WebRequestExecutor.WebRequest.CookieContainer = cc;


            string GetCookieString()


                    return string.Format("{0};path=/;send for=Any type of connection", GetCookie(url, "FedAuth").ToString()));  

                   /*GetCookie as defined above by David   */


    To do this via web services:

    string url = "{your online sharepoint site url}";

    /*SPListService is web reference to lists.asmx*/

    SPListService.Lists spListService = new SPListService.Lists();

    CookieContainer cc = new CookieContainer();

    cc.SetCookies(new Uri(url), string.Format("{0};path=/;send for=Any type of connection", GetCookie(url, "FedAuth").ToString()));

    /*GetCookie as above post */

    spListService.CookieContainer = cc;

    XmlNode lists = spListService.GetListCollection();



  • Majid, for the webserices part can you share the fragment which you used to pass the login credentials? something that is also discussed at

  • Razi, you would need to login using Internet Explorer to your SharePoint Online site. The idea is to re-use the 'FedAuth' cookie in your code and pass it to web service in its cookie container. Since your browser has already authenticated and stored the cookie in your system so I presume you can use it for your code logic. Bit quirky but works !

    Just like once you're logged in using Internet Explorer you don't need to login again using the same browser session since the new session uses the same underlying cookie.  

    it will be nice if we could programme the browser login part too...

  • Hi. Mark here from the SharePoint Online team.

    We certainly support the client object model. And per auth best practices, we are publishing a new MSDN article that is to be posted soon that will provide clarity on how to authenticate properly for SharePoint Online within Office 365.

    When ready, the article will appear on our new SharePoint Online Developer Resource Center:

    The net of this issue is that you have to get the FedAuth cookie on to the request.  We’ll have sample code that goes along with article.  We’ve focused on how to do this for the client object model access – but the approach is the same for injecting the cookie on to the web service call.

    I'll update this thread when the article and sample code goes live.

  • Hi,

    is it possible to get an look into the Code Sample of the new MSDN article? I need this Solution for a part of my Bachelor Thesis .. And the time goes on :)


  • Are you sure that the /_vti_bin/authentication.asmx web service is not available?

    because I can see it in my sitecollection at: <name>


    The only thing is that when I use the AuthenticationService.Login(uname, pass) method to login to the sitecollection, I get the following error:


     Server was unable to process request. ---> The server was unable to process the request due to an internal error.