sharepoint Working with Managed Client Side Object Model (CSOM) Context. Using a credential cache for elevated execution of code
Example
While server side-code can run with elevated privileges, there is not an equivalent method to elevate privileges in client-side code (for obvious security reasons). As an alternative, you can specify credentials to emulate the access of a specific user or service account.
To specify credentials, build and populate a CredentialCache object, then assign it to your ClientContext object's Credentials property.
The example below emulates the application pool account, and assumes an on-premises SharePoint 2013 environment with NTLM.
using System.Net;
using Microsoft.SharePoint.Client;
using (ClientContext ctx = new ClientContext("https://onpremises.local/sites/demo/"))
{
// need the web object
ctx.Load(ctx.Web);
ctx.ExecuteQuery();
// here the default network credentials relate to the identity of the account
// running the App Pool of your web application.
CredentialCache credCache = new CredentialCache();
cc.Add(new Uri(ctx.Web.Url), "NTLM", CredentialCache.DefaultNetworkCredentials);
ctx.Credentials = credCache;
ctx.AuthenticationMode = ClientAuthentication.Default;
ctx.ExecuteQuery();
// do stuff as elevated app pool account
}
Note that granting the application pool account elevated privileges in SharePoint is against best practice, but that any relevant network credentials could be used in its place.
