Forum Discussion
Issue with SharePoint API
Hello,
We are facing issue using SharePoint API.
We created an app and granted it access to our tenant [mutta.fr].
It has been activated since 19th of December 2023 for a year :
PrincipalName | PrincipalId | KeyID | StartDate | EndDate |
FlowSpekty | 42ac9c55-c5a3-4f1c-945d-00f98cfb6fc5 | c78f4977-02ac-4bf0-826b-e9bbcde85f9d | 19/12/2023 10:50 | 19/12/2024 10:50 |
However we're not managing to use the SharePoint API correctly. Here are the steps that we are following :
Get Token Request :
curl --location 'https://accounts.accesscontrol.windows.net/388ced44-1563-4316-9073-75afcbd30f85/tokens/OAuth/2' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Cookie: esctx=PAQABAAEAAAAmoFfGtYxvRrNriQdPKIZ-XT9C2nex3oBqSOkw2eaQoxOGcy41rcO1KGxIaSSEbvLXrgvKJD5pganZ6ht6MOjjM17q5-_oVTXyCiSsFUrQaOKVLjzjXszbyAsLoMXpD0p6tmH6c9yuBNSf8RWOFC3V3pPnUtp7C-kaHH9_e6rJJ1YmURseOYxVKqxAdepp75wgAA; fpc=AoypDv80yRNGpfiwimEfAuY3IYaSAQAAAAP9Md0OAAAAJXYyzAQAAABM_jHdDgAAAA; stsservicecookie=estsfd; x-ms-gateway-slice=estsfd' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=42ac9c55-c5a3-4f1c-945d-00f98cfb6fc5@388ced44-1563-4316-9073-75afcbd30f85' \
--data-urlencode 'client_secret=YGrL9gUtymDKfmeYJRilvEQPFLn5UUxYAS99hAdRirQ=' \
--data-urlencode 'resource=00000003-0000-0ff1-ce00-000000000000/muttafr.sharepoint.com@388ced44-1563-4316-9073-75afcbd30f85' \
--data-urlencode 'scope=00000003-0000-0ff1-ce00-000000000000/muttafr.sharepoint.com@388ced44-1563-4316-9073-75afcbd30f85'
Get Token Result
{
"token_type": "Bearer",
"expires_in": "86399",
"not_before": "1704986177",
"expires_on": "1705072877",
"resource": "00000003-0000-0ff1-ce00-000000000000/muttafr.sharepoint.com@388ced44-1563-4316-9073-75afcbd30f85",
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IjVCM25SeHRRN2ppOGVORGMzRnkwNUtmOTdaRSIsImtpZCI6IjVCM25SeHRRN2ppOGVORGMzRnkwNUtmOTdaRSJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvbXV0dGFmci5zaGFyZXBvaW50LmNvbUAzODhjZWQ0NC0xNTYzLTQzMTYtOTA3My03NWFmY2JkMzBmODUiLCJpc3MiOiIwMDAwMDAwMS0wMDAwLTAwMDAtYzAwMC0wMDAwMDAwMDAwMDBAMzg4Y2VkNDQtMTU2My00MzE2LTkwNzMtNzVhZmNiZDMwZjg1IiwiaWF0IjoxNzA0OTg2MTc3LCJuYmYiOjE3MDQ5ODYxNzcsImV4cCI6MTcwNTA3Mjg3NywiaWRlbnRpdHlwcm92aWRlciI6IjAwMDAwMDAxLTAwMDAtMDAwMC1jMDAwLTAwMDAwMDAwMDAwMEAzODhjZWQ0NC0xNTYzLTQzMTYtOTA3My03NWFmY2JkMzBmODUiLCJuYW1laWQiOiI0MmFjOWM1NS1jNWEzLTRmMWMtOTQ1ZC0wMGY5OGNmYjZmYzVAMzg4Y2VkNDQtMTU2My00MzE2LTkwNzMtNzVhZmNiZDMwZjg1Iiwib2lkIjoiZTIyNDFiODAtYmNiYi00MjM4LTk3ODMtZWE3ZDRhM2Y0NTA5Iiwic3ViIjoiZTIyNDFiODAtYmNiYi00MjM4LTk3ODMtZWE3ZDRhM2Y0NTA5IiwidHJ1c3RlZGZvcmRlbGVnYXRpb24iOiJmYWxzZSJ9.m7KWsIWOnR7XxRvOHfsjjxP5oXNbYaqIjq1PzClwpnaLuP-49DmzgFfhouiedESY30VPNR2wu8e4JNMj9sxI1GwJfk_CzOD-9xtPkJcGouLsxLc4joqRDN2I7FqJue6cz_3y7cgeawwgGKJ47kXNZo-pyxAYTUvsfd1x5k9WCGKJmQiiss85uYhpe1Aag7EsN7dnAO4RjGfjBhx2HGgM5BA5vz_DGRl8bk3QUQ5yfdY5N7_rDKhFshLX7-fotuA7enoQ1LVBbG3G5V95A_Z0UA03U31r4dLlHN7LOGzX0_ovbK-xGmlw_30iCdAwzjEax0Bt3AUdn7Qsey2JutTftA"
}
Get Sharepoint Lists Request
curl --location 'https://muttafr.sharepoint.com/sites/SuiviAuditsnergtiques/_api/lists/GetByTitle('\''Audits TEST Flow'\'')' \
--header 'Accept: application/json;odata=verbose' \
--header 'Content-Type: application/json;odata=verbose' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IjVCM25SeHRRN2ppOGVORGMzRnkwNUtmOTdaRSIsImtpZCI6IjVCM25SeHRRN2ppOGVORGMzRnkwNUtmOTdaRSJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvbXV0dGFmci5zaGFyZXBvaW50LmNvbUAzODhjZWQ0NC0xNTYzLTQzMTYtOTA3My03NWFmY2JkMzBmODUiLCJpc3MiOiIwMDAwMDAwMS0wMDAwLTAwMDAtYzAwMC0wMDAwMDAwMDAwMDBAMzg4Y2VkNDQtMTU2My00MzE2LTkwNzMtNzVhZmNiZDMwZjg1IiwiaWF0IjoxNzA0OTg2MjM5LCJuYmYiOjE3MDQ5ODYyMzksImV4cCI6MTcwNTA3MjkzOSwiaWRlbnRpdHlwcm92aWRlciI6IjAwMDAwMDAxLTAwMDAtMDAwMC1jMDAwLTAwMDAwMDAwMDAwMEAzODhjZWQ0NC0xNTYzLTQzMTYtOTA3My03NWFmY2JkMzBmODUiLCJuYW1laWQiOiI0MmFjOWM1NS1jNWEzLTRmMWMtOTQ1ZC0wMGY5OGNmYjZmYzVAMzg4Y2VkNDQtMTU2My00MzE2LTkwNzMtNzVhZmNiZDMwZjg1Iiwib2lkIjoiZTIyNDFiODAtYmNiYi00MjM4LTk3ODMtZWE3ZDRhM2Y0NTA5Iiwic3ViIjoiZTIyNDFiODAtYmNiYi00MjM4LTk3ODMtZWE3ZDRhM2Y0NTA5IiwidHJ1c3RlZGZvcmRlbGVnYXRpb24iOiJmYWxzZSJ9.nVzMAkkMqUjf6rg9VyK3Cj79uMDkKRRV-EsMZlfki3ifftk6MP5_FiUNpVWp6dbqobQtCmm5BjyztB96JsgU8cXZJOKQq1J35PK_6tOW007Z96Ey-WGdcyVsAzKiKRC7bW7JAwbZWwcEEKsM3s9reydliMSV9zOMcLw8JY_C09sk8fLUL-3qUYb_ME08_XAoGdkMeMsXvl-c2kkpL0Dzo_0wR2XXw8Tkdvx8baYlvgLx6Do1fRsgaiqlvixHczhswrU0mwpb0g9LqXKwbpkzUd9bQ2-xbHG7fH9ICCyZN4kAW6d04gtOnGBIo0sl3ukbgNWIdjo1ArIbfeT7V8A3xw'
Get Sharepoint Lists Result
{"error":"invalid_request","error_description":"Token type is not allowed."}
- We don't understand the error on this latest request. Our goal is to access the data from the following list : https://muttafr.sharepoint.com/sites/SuiviAuditsnergtiques/Lists/Audits%20TEST%20Flow/AllItems.aspx
- What's even weirder is that for the same app, we were able to connect to such a list, on another SharePoint, using the exact same process, without facing any difficulty.
Thank you for helping !
BenoitLefevre As per bullet point #2, are you able to access the list from same SharePoint "tenant" or different tenant?
You may need to change the value of DisableCustomAppAuthentication property at SharePoint tenant level like:
Install-Module -Name Microsoft.Online.SharePoint.PowerShell $adminUPN="<the full email address of a SharePoint administrator account, example: email address removed for privacy reasons>" $orgName="<name of your Office 365 organization, example: contosotoycompany>" $userCredential = Get-Credential -UserName $adminUPN -Message "Type the password." Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential $userCredential set-spotenant -DisableCustomAppAuthentication $falseReferences:
- "Token type is not allowed" error on SharePoint REST API
- SharePoint Online authorization issue 'Token type is not allowed'
Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily. It also closes the item. If the post was useful in other ways, please consider giving it Like.
BenoitLefevre As per bullet point #2, are you able to access the list from same SharePoint "tenant" or different tenant?
You may need to change the value of DisableCustomAppAuthentication property at SharePoint tenant level like:
Install-Module -Name Microsoft.Online.SharePoint.PowerShell $adminUPN="<the full email address of a SharePoint administrator account, example: email address removed for privacy reasons>" $orgName="<name of your Office 365 organization, example: contosotoycompany>" $userCredential = Get-Credential -UserName $adminUPN -Message "Type the password." Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential $userCredential set-spotenant -DisableCustomAppAuthentication $falseReferences:
- "Token type is not allowed" error on SharePoint REST API
- SharePoint Online authorization issue 'Token type is not allowed'
Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily. It also closes the item. If the post was useful in other ways, please consider giving it Like.
