SharePoint Server 2013 Client Components SDK

SharePoint Server 2013 Client Components SDKSharePoint Server 2013 Client Components SDK provides the libraries, tools, and documentation you need to build client-side applications and remote solutions that interact with SharePoint 2013. It’s aimed at developers creating desktop applications, non‑SharePoint web apps, workflows, services, or automation scripts that must talk to SharePoint sites without deploying code to the server. This article explains what the SDK contains, common scenarios, installation and configuration steps, programming models, key APIs, examples, best practices, and troubleshooting tips.

What the SDK includes

The SDK bundles several resources to support client‑side development:

• Client libraries (CSOM): Managed .NET assemblies (Microsoft.SharePoint.Client.dll, Microsoft.SharePoint.Client.Runtime.dll and related assemblies) for interacting with SharePoint objects remotely.
• Client Object Model for JavaScript: js files to access SharePoint from browser-based scripts.
• REST/OData guidance: Documentation and examples for using SharePoint’s REST endpoints.
• WCF and web service examples: Patterns for calling SharePoint web services.
• Sample code and walkthroughs: End‑to‑end examples for common tasks (reading/writing lists, authentication, search, taxonomy).
• Documentation and API reference: Details on classes, methods, properties and usage.
• Powertools and command-line helpers: Utilities for packaging or basic automation tasks.

Who should use it

• Developers creating client applications (Windows desktop, console apps, Windows services) that need to access SharePoint data.
• Web developers building external web applications that consume SharePoint content via REST, CSOM, or JavaScript.
• Automation and scripting engineers working with PowerShell and managed code to perform maintenance or migrations.
• ISVs and integrators building solutions that integrate SharePoint with other systems without installing code on the SharePoint farm.

Key programming models

1. Client-Side Object Model (CSOM)

   • Primary managed approach for .NET clients.
   • Uses Microsoft.SharePoint.Client types to represent site, web, list, list item, user, etc.
   • Operates by building a client-side object graph and executing batched requests using ClientContext.ExecuteQuery().

2. JavaScript Object Model (JSOM)

   • For browser-based scripting in SharePoint pages or external sites referencing SharePoint scripts.
   • Similar object model semantics to CSOM but asynchronous patterns are common.

3. REST/OData endpoints

   • Use HTTP verbs (GET, POST, MERGE, DELETE) against SharePoint REST endpoints (/ _api/).
   • Works well for cross-platform clients, mobile apps, and non-.NET languages.
   • Supports JSON responses and OData query options.

4. SOAP web services (legacy)

   • Older ASMX services still available for some operations; generally superseded by REST/CSOM.

Authentication patterns

• NTLM / Kerberos: Typical for on‑premises SharePoint in domain‑joined environments.
• Claims-based authentication (SAML): When SharePoint is configured for claims and federated identity.
• Forms-based authentication (FBA): Custom membership providers in on‑premises farms.
• HTTP/SharePoint Online OAuth and app‑only tokens: Relevant when interacting with SharePoint Online or apps that use OAuth; the SDK itself focuses on SharePoint 2013 but many patterns apply.
• Secure handling of credentials: use CredentialCache, NetworkCredential, SharePointOnlineCredentials (for SharePoint Online), or OAuth token flows as appropriate.

Example: basic CSOM (C#) usage

using Microsoft.SharePoint.Client; using System; using System.Security; class Example {     static void Main()     {         var siteUrl = "https://yoursharepoint/sites/test";         var username = "domain\user";         var password = "P@ssw0rd"; // replace with secure retrieval         var securePwd = new SecureString();         foreach (char c in password) securePwd.AppendChar(c);         var credentials = new NetworkCredential(username, securePwd);         using (var ctx = new ClientContext(siteUrl))         {             ctx.Credentials = credentials;             Web web = ctx.Web;             ctx.Load(web, w => w.Title);             ctx.ExecuteQuery();             Console.WriteLine("Site title: " + web.Title);         }     } } 

Notes:

• In production, do not hardcode passwords; use secure stores (Azure Key Vault, Windows Credential Manager, encrypted config).
• For SharePoint Online use SharePointOnlineCredentials or OAuth flows.

Example: REST call (C# using HttpClient)

using System; using System.Net.Http; using System.Net.Http.Headers; using System.Threading.Tasks; class RestExample {     static async Task Run()     {         var site = "https://yoursharepoint/sites/test/_api/web/lists";         using (var client = new HttpClient())         {             client.DefaultRequestHeaders.Accept.Add(                 new MediaTypeWithQualityHeaderValue("application/json"));             // Add authentication headers as appropriate             var resp = await client.GetAsync(site);             resp.EnsureSuccessStatusCode();             string json = await resp.Content.ReadAsStringAsync();             Console.WriteLine(json);         }     }     static void Main() => Run().GetAwaiter().GetResult(); } 

Common tasks and snippets

• Read list items with CAML or REST queries.
• Create/update list items via CSOM or REST (use MERGE for updates).
• Manage permissions, groups, and roles via CSOM.
• Upload/download files to document libraries using File.SaveBinaryDirect or FileCreationInformation.
• Use TaxonomyClientService/TaxonomySession to interact with Managed Metadata.
• Search using the Query API (SearchExecutor in CSOM or /_api/search/query in REST).

Best practices

• Batch requests: combine multiple operations and call ExecuteQuery() once to reduce round trips.
• Dispose ClientContext and HttpClient properly.
• Cache tokens and avoid unnecessary authentication calls.
• Use asynchronous patterns in UI apps to keep the interface responsive.
• Throttle and retry: implement exponential backoff for transient errors.
• Prefer REST for cross-platform scenarios and CSOM for rich .NET interactions.
• Protect credentials and secrets; follow least-privilege principle for app permissions.

Troubleshooting tips

• Common error: “Access denied” — check user permissions, authentication method, and if using app permissions, ensure app principal has rights.
• “The property or field has not been initialized” — ensure you called ctx.Load(…) for the properties you need before ExecuteQuery().
• CSOM version mismatch — use assemblies that match your SharePoint server version.
• Large list retrieval — use paged queries (ListItemCollectionPosition) or REST \(top and \)skiptoken.
• Cross-domain JavaScript issues — consider CORS, JSONP, or proxy approaches; use SP.RequestExecutor.js for provider-hosted add-ins.

When to use the SDK vs. server-side code

• Use SDK/CSOM/REST when you cannot deploy farm solutions or require remote access from external systems.
• Use server‑side APIs (full trust code) only when you run code inside the SharePoint server and need access to server-only features not exposed by CSOM/REST.

Additional resources

• Official API references and MSDN/Docs articles for CSOM, REST endpoints, and authentication flows.
• Community blogs and GitHub samples for practical examples and reusable helpers.
• Tools: Fiddler or browser dev tools for inspecting REST calls and payloads.

If you want, I can:

• Add full code examples for common operations (list CRUD, file upload, search).
• Create a quickstart walkthrough for setting up a Visual Studio project using the SDK.
• Provide a trouble‑shoot checklist for deployment and authentication issues.