Forum Discussion
"Token type is not allowed" error on sharepoint search API
Aim:- To access sharepoint through REST Api
Steps taken:-
- Created site on sharepoint.
- Registered site as an app using https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbhyve10.sharepoint.com%2Fsites%2FTech%2F_layouts%2F15%2Fappregnew.aspx&data=04%7C01%7Co365sup8%40microsoft.com%7Cbfe06b253de34885950a08d9e23b8f0d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637789568299728568%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=WY%2BGE1%2FpQurUMOeVsdfvW3F3mnWfIjcaCUOmNkWknSU%3D&reserved=0
- Granted tenant scope permission using https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbhyve10.sharepoint.com%2Fsites%2FTech%2F_layouts%2F15%2Fappregnew.aspx&data=04%7C01%7Co365sup8%40microsoft.com%7Cbfe06b253de34885950a08d9e23b8f0d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637789568299728568%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=WY%2BGE1%2FpQurUMOeVsdfvW3F3mnWfIjcaCUOmNkWknSU%3D&reserved=0
- Permission xml used
- <AppPermissionRequests AllowAppOnlyPolicy="true"><AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl" /></AppPermissionRequests>
4. Collected app identifier from https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbhyve10.sharepoint.com%2Fsites%2FTech%2F_layouts%2F15%2Fappregnew.aspx&data=04%7C01%7Co365sup8%40microsoft.com%7Cbfe06b253de34885950a08d9e23b8f0d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637789568299728568%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=WY%2BGE1%2FpQurUMOeVsdfvW3F3mnWfIjcaCUOmNkWknSU%3D&reserved=0
5. Fetched access token using https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Faccounts.accesscontrol.windows.net%2F%253C%253C%253E%253E%2Ftokens%2FOAuth%2F2%2F&data=04%7C01%7Co365sup8%40microsoft.com%7Cbfe06b253de34885950a08d9e23b8f0d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637789568299728568%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=tCjKyunrE4H9LbphNC0sQYV7YS0yLn24muvgfEL6U%2BE%3D&reserved=0
6. Tried to search using https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbhyve10.sharepoint.com%2Fsites%2FTech%2F_api%2Fsearch%2Fquery%3Fquerytext%3D%27smart%27&data=04%7C01%7Co365sup8%40microsoft.com%7Cbfe06b253de34885950a08d9e23b8f0d%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637789568299728568%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Q0bcbQ660duts0ylYkBfE5GlCBUYtpEQKFWD61V8QvE%3D&reserved=0
Headers
Content-Type:application/json;odata=verbose
Accept:application/json;odata=verbose
Authorization:Bearer <<access token from step 5>> Got below error message
{"error":"invalid_request","error_description":"Token type is not allowed."}
3 Replies
See if the below URL can help?
That solution does not work for me. I get the following error on the last statement:
>Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential $userCredential set-spotenant -DisableCustomAppAuthentication $false
Connect-SPOService : A parameter cannot be found that matches parameter name 'DisableCustomAppAuthentication'.
At line:1 char:105
+ ... $userCredential set-spotenant -DisableCustomAppAuthentication $false
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [Connect-SPOService], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.Online.SharePoint.PowerShell.ConnectSPOService
