Fetching Real-time Permissions in SharePoint Online via REST API using App Token

New Contributor

We are trying to fetch real-time user effective permissions of a user on a file. We cannot use the following API as it does not update the user effective permissions in real-time when the user is either added or removed from the O365 group (Until the user login into the site):


Note that we are using SharePoint Application Access Token.


Therefore, we are using the following APIs to get the real time results:



We read the responses having 'principal type = 4' such as 

"LoginName": "c:0o.c|federateddirectoryclaimprovider|d20ae4c3-3429-4f75-8895-793407836d5e_o",
"LoginName": "c:0o.c|federateddirectoryclaimprovider|<group_uid>",
"LoginName": "c:0(.s|true",
"LoginName": "c:0-.f|rolemanager|spo-grid-all-users/<tenant_id>", etc.
and then we fetch the owners of the group by taking'<owner_group_guid>_o' and also fetch the transitive members of the group by taking <group_uid> using Graph API.
How do we check if a user is a member of the following SharePoint groups?:
Everyone:  c:0(.s|true
Everyone except external users: c:0-.f|rolemanager|spo-grid-all-users/<tenant_id>
Also, is there any other similar SharePoint internal groups that should be taken into consideration while fetching the real-time user effective permissions?



0 Replies