Forum Discussion
SharePoint online REST API access from postman
I have an identical problem to the one that reshk1950 reported though not exactly the same.
I'm working on an integration that will be making CRUD HTTP requests to a SharePoint online instance (I have a Microsoft 365 developer subscription). Before developing the integration I'm testing with Postman on how to get the OAuth token and making a trial request to be sure that authorization is working.
To get the OAuth token I've followed the instructions (are there any Microsoft 'official' guidelines on how to do this?) from http://pratapreddypilaka.blogspot.com/2018/05/sharepoint-online-authentication-for.html and I manage to get an OAuth token.
When I try to use the token I got in Postman to make a simple test HTTP request (https://xxxxxx.sharepoint.com/onesite/_api/web?$select=Title) I get a 401 error with the following message {"error":"invalid_request","error_description":"Token type is not allowed."}
Can you provide some guidance on how to get 'the right' token to interact with SharePoint REST API?
Thanks in advance
Vicente
To get a token from your application, without user interaction, you should use the client credentials flow. Here's the official documentation from Microsoft. Since you're using Postman, notice that they provide a great collection of REST calls to get the token that you need. But before that, you should use Azure to create an app registration and set up the permissions you need. The article you mentioned uses an old and non-recommended way to authenticate to SharePoint.
Now, to connect directly to your SharePoint site and make your CRUD requests, I would recommend you use the PnP Core SDK, a great library for .NET that simplifies the authentication and the requests for you.
The problem using the client credentials flow is that, to connect to SharePoint, you need to generate and upload a certificate, which could be a pain in the butt. If you follow through the process to generate and upload a certificate to Azure, then you can use the PnP Core SDK to talk to SharePoint.
However, the easiest way to talk to SharePoint, without having to create and upload a certificate, would be to get a token to MS Graph, and use the /sites endpoint to talk to your SharePoint site. From there, you can make CRUD requests to your list as well, once you find the endpoint to it. The upside of this approach is that you only need a client id and a client secret to get a token from MS Graph, so you'd be able to test the requests through Postman.
Let me know if you need help following any of these approaches.
- Hi Carlos_Marins and thank you for your detailed reply, The integration I'm working on is based on a low-code/no-code product and to support the interaction with SharePoint I'll have to use an HTTP request action so I won't be able to use external libraries to make it more straightforward.
I actually already have a registered Azure App that I'm using to interact with some other Microsoft APIs but I was not aware that I could use Graph to interact with SharePoint, that's great news! Basically what the integration needs to do is to eventually create a document library in a given SharePoint site and add documents to that document library, all using HTTP requests of course ... I'll give it a try using the MS Graph approach, it would for sure be my preferable choice.
Thanks a lot for your help and guidance
Vicente