Legacy Add-In authentication

[MandarbZA]

Hi
I have a ASP.Net web API project that talks to Project Online, and I want to move it over to a .Net 5 Web API. The only way to do that without storing user credentials somewhere, is to use the SharePoint add-in model to get an access token.
These days, there's still no Graph API methods for everything that is available in the ProjectServer.Client CSOM, so AzureAD authentication isn't possible.
Am I wrong in the above? If not, is it possible to use the authentication manager to use the client ID and secret from the add-in?
I have a different app that talked to SharePoint only and with the old SharePointPnPCoreOnline package that is an option, but would prefer not to use that package since it is retired.

[jansenbe]

The AuthenticationManager supports ACS, so if you've a clientid / secret you should be able to get an access token.

[MandarbZA]

Thank you. I assume that is this constructor:
public static AuthenticationManager CreateWithOnBehalfOf(string clientId, string clientSecret, UserAssertion userAssertion, string tenantId = null, AzureEnvironment azureEnvironment = AzureEnvironment.Production, Action<ITokenCache> tokenCacheCallback = null)
Can you point me how to get the UserAssertion? I'm guessing from the HTTPContext the way the SharePointContext and TokenHelper classes does, but then I'm back to using Microsoft.IdentityModel and today has taught me that doesn't work with .Net 5.
I can't find much documentation on how to using the new constructors, but that might be my search skills.
Thank you

[jansenbe]

To use Azure ACS please use below:

using (var clientContext = new AuthenticationManager().GetACSAppOnlyContext("https://contoso.sharepoint.com/sites/asite", "5cf14724-ca05-4e63-9c29-8044b847a3c7", "ACS SECRET"))
{

}