Forum Discussion

Xcoder's avatar
Xcoder
Copper Contributor
Mar 09, 2020

SharePoint Guest Users API Access - Unauthorized

Hello, 

we've build an Azure AD App that uses MSAL to authenticate against SharePoint. The auth flow works fine, till we try to access SharePoint resources with guest users. We've tried several solutions and configurations but we always get the answere:  "Exception of type 'Microsoft.IdentityModel.Tokens.AudienceUriValidationFailedException' was thrown."

 

Is there any policy that does not allow guest users to access sharepoint through the sharepoint api? Direct access to sharepoint works without a problem.

 

Thanks in advance

Michael

  • Sudharsan K's avatar
    Sudharsan K
    Steel Contributor
    Hi
    You cannot access the SharePoint API with the guest user privilege. Instead, you can try giving application permission to your Azure AD App so that the app will hold the permission to access SharePoint and the guest users will be able to access the app.
    • Tirounatie's avatar
      Tirounatie
      Copper Contributor

      Hi Sudharsan K 

      Could you give more details on How to perform your recommendation?
      As there are several instances of the same concepts between the guest and host, your recommended way is still quite obscure to me.

Resources