Download a File From SharePoint Online Using Python

How do you download a file from a SharePoint Online library using Python?

Update – If you scroll to the bottom, I’ve outlined another approach that uses a username and password to connect via the SharePlum library.

Items needed to run the script in this example:
Office365 Rest Python Client library:
https://pypi.org/project/Office365-REST-Python-Client/
SharePoint App Only Client Id and Secret:
Microsoft documentation:
https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs
You can create an app principle limited to a single site, list, library, or combination.
Old way (being depreciated):
https://piyushksingh.com/2018/12/26/register-app-in-sharepoint/
Modern approach:
https://www.sharepointed.com/2024/03/modernizing-authentication-in-sharepoint-online/

from office365.runtime.auth.authentication_context import AuthenticationContext
from office365.sharepoint.client_context import ClientContext
from office365.sharepoint.files.file import File

app_settings = {
    'url': 'https://YOURtenant.sharepoint.com/sites/somesite/',
    'client_id': '12344-abcd-efgh-1234-1a2d12a21a2121a',
    'client_secret': 'Oamytacohungry234343224534543=',
}

context_auth = AuthenticationContext(url=app_settings['url'])
context_auth.acquire_token_for_app(client_id=app_settings['client_id'], client_secret=app_settings['client_secret'])

ctx = ClientContext(app_settings['url'], context_auth)
web = ctx.web
ctx.load(web)
ctx.execute_query()

response = File.open_binary(ctx, "/Shared Documents/Invoice.pdf")
with open("./Invoice.pdf", "wb") as local_file:
    local_file.write(response.content)

If the above script does not work, step back and ensure you are connected to the site. The following script connects to a site and outputs its title. This is useful to validate that a site connection can be made.

from office365.runtime.auth.authentication_context import AuthenticationContext
from office365.sharepoint.client_context import ClientContext
from office365.sharepoint.files.file import File

app_settings = {
    'url': 'https://YOURtenant.sharepoint.com/sites/somesite/',
    'client_id': '12344-abcd-efgh-1234-1a2d12a21a2121a',
    'client_secret': 'Oamytacohungry234343224534543=',
}

context_auth = AuthenticationContext(url=app_settings['url'])
context_auth.acquire_token_for_app(client_id=app_settings['client_id'], client_secret=app_settings['client_secret'])

ctx = ClientContext(app_settings['url'], context_auth)
web = ctx.web
ctx.load(web)
ctx.execute_query()

print("Site title: {0}".format(web.properties['Title']))

You can also use a certificate and thumbprint to connect to SPO via an Azure App registration.

import os
from office365.sharepoint.client_context import ClientContext

cert_credentials = {
    "tenant": "44c5f68f-b375-57fd-92dd-0e3d637592ac",
    "client_id": "7cbe82dd-6e9a-4672-b4dc-882d282689ad",
    "thumbprint": "729CAFBBF44861803BC02F25FD17EF2EAB4C242F",
    "cert_path": "C:\\path-to-cert\\SPO-GraphAPI.pem"
}
ctx = ClientContext("https://tacofarm.sharepoint.com/sites/GraphTest").with_client_certificate(**cert_credentials)
current_web = ctx.web.get().execute_query()
print("{0}".format(current_web.url))

SharePlum connection example using a username and password to connect to SharePoint Online. More details about SharePlum can be found here: https://github.com/jasonrollins/shareplum

from shareplum import Site
from shareplum import Office365

sharepoint_url = 'https://YOURtenant.sharepoint.com/sites/spdev'
username = 'You@YourDomain.com'
password = 'Password'

authcookie = Office365('https://YOURtenant.sharepoint.com',
                       username=username,
                       password=password).GetCookies()
site = Site('https://YOURtenant.sharepoint.com/sites/DEV/',
            authcookie=authcookie)
sp_list = site.List('Your List')
data = sp_list.GetListItems('All Items', row_limit=200)

If you get this error, you won’t be able to connect with a username and password, and you’ll need to use an App Password.

File “C:\Python311\Lib\site-packages\shareplum\office365.py”, line 80, in get_security_token
raise Exception(‘Error authenticating against Office 365. Error from Office 365:’, message[0].text)
Exception: (‘Error authenticating against Office 365. Error from Office 365:’, “AADSTS50076: Due to a configuration change made by your administrator, or because you moved
to a new location, you must use multi-factor authentication to access ”.”)

I’ve created this post to outline how to upload a large file to a SharePoint library:
https://www.sharepointed.com/2024/03/how-to-upload-a-large-file-to-sharepoint-using-the-microsoft-graph-api/

How to use an iFrame in a modern SharePoint Online page

Using the Embed web part I was trying to paste in a site URL when I should have been using the iFrame HTML tag.

example:

<iframe src="https://sharepointed.com" height="200" width="300"></iframe>

If you encounter this error: This website doesn’t support embedding using just the address ….

You will need to update the HTML Field Security settings in the Site Settings area of your site. In my case, I simply added sharepointed.com to the allow iframes from this domain list, then updated the web part again.

Connect to SharePoint Online Using PowerShell

Update and a much better way to approach this:
Use a SharePoint App Only Client Id and Secret to access the site, list, or library.

Microsoft documentation:
https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs
You can create an app principle that is limited to a single site, list, library, or a combination of them:
https://piyushksingh.com/2018/12/26/register-app-in-sharepoint/

 $sampleConnect = Connect-PnPOnline -Url "https://YOURsite.sharepoint.com/sites/parent/child" -AppId "12345-94c3-4149-bda5-abcedffadsf" -AppSecret "643r4er5sfdadsfadsfdsf=" -ReturnConnection

Write-Host  $sampleConnect.Url
In this example, I’m connecting to a Site Collection on my tenant.

Assumptions:
1) You have created a token in your o365 site
1.1) https://portal.office.com/account/
1.2) On the left site of the page click Security & privacy, then click Create and manage app passwords
1.3) In the app password page click the create button and give it a name.
1.4) Save the password to a secure location.
1.5) There is a better way of doing this that I will cover in a future post.
2) You have downloaded to CSOM DLL(s) from Nuget

Clear-Host

$userName = "me@sharepointed.com"
$pw = "abc123taco"  # I"M USING AN APP PASSWORD 
$siteCollectionUrl = "https://sharepointed.sharepoint.com/sites/taco"

#Secure the password
$securePassword = ConvertTo-SecureString $pw -AsPlainText -Force

Add-Type -Path "C:\Code\DLL\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Code\DLL\Microsoft.SharePoint.Client.Runtime.dll"

#Create Context
$ctx = New-Object Microsoft.SharePoint.Client.ClientContext($siteCollectionUrl)

#Authorise
$ctx.Credentials = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($userName, $securePassword)

$web = $ctx.Web
$properties = $web.AllProperties
$ctx.Load($web)
$ctx.Load($properties)
$ctx.ExecuteQuery()

Write-Host " Site Collectione URL: $($web.Url)"
Write-Host "Properties are "

foreach ($prop in $properties) {
    $prop.FieldValues
}