cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Error access denied with app-principals in Sharepoint Online

Productos
Copper Contributor

‎Mar 16 2023 06:02 AM

‎Mar 16 2023 06:02 AM

Error access denied with app-principals in Sharepoint Online

To activate an integration between a SAP system and Sharepoint Online, a security entity called SPFacturasSAP has been created, this entity has been created at the client's site and has been given full control permissions at the tenant level:

 

<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
</AppPermissionRequests>

 

however when they try to upload files using this entity the following error is generated:

 

<?xml version="1.0" encoding="utf-8"?>
<m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata">
<m:code>-2147024891, System.UnauthorizedAccessException</m:code>
<m:message xml:lang="es-ES">Access denied.</m:message>
</m:error>

 

the apis that are being used to upload the files are: /_api/Web/GetFolderByServerRelativeUrl('{{file_rel_path}}')/Files/add(url='filename.png',overwrite=true) /_api/web/GetFolderByServerRelativePath (DecodedUrl='{{file_rel_path}}')/Files/AddUsingPath(DecodedUrl='DEMO.pdf',AutoCheckoutOnInvalidData=true)

 

Is there any additional configuration required?

1,436 Views
0 Likes
3 Replies
Reply
3 Replies
kalpeshvaghela

‎Mar 17 2023 02:02 AM

‎Mar 17 2023 02:02 AM

Re: Error access denied with app-principals in Sharepoint Online

@Productos 

 

Make sure that DisableCustomAppAuthentication is set to False. By default in new tenant this setting is set to True,

 

https://learn.microsoft.com/en-us/powershell/module/sharepoint-online/set-spotenant?view=sharepoint-...

 

 

You can change this setting via SharePoint Online Management Shell

 

Make sure that once you change this setting at tenant level, it can take up to 24 hours to apply this settings.

 

Hope it will helpful to you and if so then Please mark my response as Best Response & Like to help others in this community

0 Likes
Reply
Productos

‎Mar 21 2023 12:36 AM

‎Mar 21 2023 12:36 AM

Re: Error access denied with app-principals in Sharepoint Online

Hello,

I checked that this parameter is set to false:

PS C:\WINDOWS\system32> Get-SPOTenant | findstr "DisableCustomAppAuthentication"
DisableCustomAppAuthentication : False
PS C:\WINDOWS\system32>

Thanks & regards.
0 Likes
Reply
Productos

‎Mar 29 2023 11:33 PM

‎Mar 29 2023 11:33 PM

Re: Error access denied with app-principals in Sharepoint Online

Is there any other configuration that is necessary so that the access denied error is not generated? It was already verified that the DisableCustomAppAuthentication parameter was set to false.
0 Likes
Reply