A small company where I’m a customer has a SharePoint where I can upload documents to them through a web interface, accessed through a link like this:
https://xxxxxx.sharepoint.com/:f:/s/Kundenakten/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx?email=fredrik%40roubert.name&e=xxxxxx
That link leads to a Request Verification Code dialog box with a Send Code button, which sends me an email with “12345678 is your Microsoft SharePoint verification code”, which I then can use to access the SharePoint web interface.
The question has been asked before in these forums, whether this is something that can be accessed using rclone (and, if so, how to properly configure rclone to do it), without ever receiving any clear answers:
Today, I finally managed to figure out that this is indeed possible to do and even quite easy to configure.
I got the important information that I was missing from here:
The authentication cookie FedAuth that one gets after entering the verification code received per email into the web form remains valid for a few days, so for someone like myself there's no need to complicate things with a script, it's easy enough to just copy-paste the cookie string manually from the web browser into rclone.conf after each new login. (The rtFa cookie also mentioned in that script doesn't get set for me when I log in and everything seems to work fine without it.)
So my rclone.conf for the URL mentioned above, using the FedAuth cookie copy-pasted from my browser after logging in, then became as simple as this:
[xxxxxx]
type = webdav
url = https://xxxxxx.sharepoint.com/sites/Kundenakten
vendor = other
headers = Cookie,FedAuth=xxxxxxxx;
Note that it apparently must be vendor = other and not vendor = sharepoint there in order to use the cookie for authentication (instead of attempting password authentication, which can't work as I don't have any account with a password here).
I think it'd be very useful if this information could be added to the official rclone documentation.