Forum Discussion

rohanw24's avatar
rohanw24
Brass Contributor
Jan 22, 2021

Access Denied when making Project Online API call

Hi All,

 

I'm able to get a access token. But when I try to make an Project Online API call using that token, I get "Access denied you do not have permission to perform this action or access this resource". Kindly let me know if I'm doing something wrong or missing anything or correct way to do it. Here are the details that I'm using for authentication:

 

  1. Client ID = ########################

  2. Tenant ID = #######################

  3. Client Secret = #####################

  4. Scope = https://graph.microsoft.com/.default

  5. Grant type = client_credentials

  6. Login URl = https://login.microsoftonline.com/%7Btenant_name%7D/oauth2/v2.0/token

  7. API Permission

 

I'm using project server endpoint. Here are the details:

Endpoint URL= https://example.sharepoint.com/sites/PWA/_api/ProjectServer/Projects
Method= POST
Parameters= Authorization: Bearer {Access_Token}

 

Am I missing anything?

 

Thanks & Regards,
Rohan

api
Online
Project
Project Server

3 Replies

Sort By
  • Paul_Mather's avatar
    Paul_Mather
    MVP
    Jan 23, 2021

    Hello rohanw24 ,

    The Azure AD permissions don't grant access to Project Online. Typically access to Project Online can be via:

    SharePoint Azure ACS using the SharePoint client ID and secret but for some Project Online APIs, you will need to provide a username and password as part of the auth. You could use the SharePointOnlineCredentials class to help auth. These code samples might help: https://github.com/OfficeDev/Project-Samples 

    Here is a Stack overflow post with a similar query - they went with the SP credentials class too: https://stackoverflow.com/questions/42521163/how-to-get-an-acs-app-only-access-token-for-project-online

    Hope that helps

    Paul

    • claudio_7wa's avatar
      claudio_7wa
      Copper Contributor
      Aug 04, 2021

      Hi Paul Mather,
      due to you words "...but for some Project Online APIs, you will need to provide a username and password...", do you suggest to use a service account to call the Project's Rest APIs?
      I'm trying to access to Project Online Rest APIs with a SharePoint App-Only registration  (https://stackoverflow.com/questions/68650241/get-project-web-app-and-project-online-data-with-sharepoint-app-only-registratio )but I received different errors, and I'm start thinking that Project's API cannot be called via clientId and clientSecret/certificate.

      Thanks.

    • rohanw24's avatar
      rohanw24
      Brass Contributor
      Jan 24, 2021

      Hi Paul_Mather,

       

      Thank-you for your reply. After using ReST.ps1 file for authentication, I'm now able to get Fed Auth ticket, Cookie, and Digest Value. Now I want to make an ReST API request to the project server endpoint through cURL. For example,

       

      https://example.sharepoint.com/sites/PWA/_api/ProjectServer/Projects

       

      What data/parameter I must include in the request header to ensure that I receive a valid response without Access Denied error?

       

      Thanks & Regards,

      Rohan

Resources