SharePoint online REST API access from postman

Occasional Visitor

Hi,

I have registered SharePoint addin in azure and granted admin consent to the app. I am able to generate token in postman by specifying client credentials and resource details and the received token contain has got "Site.Read.All" role (token obtained from accounts.accesscontrol.windows.net). But in the subsequent SharePoint REST API call to fetch the list details using this token , I am getting 403 Forbidden error. 

My requirement is to get all the image files within a SharePoint list using javascript.

.Can anyone help? 

4 Replies

Hey @reshk1950 ,

 

So, you need to register an application to use SharePoint or are you just trying to query SharePoint from Postman? If you want to make some REST queries and that's it, the fastest way would be to:

  • Open a SharePoint page with your browser's Developer tools(F12) open.
  • Go to the Network section and select the first request in the list(your page's request, with the URL you typed).
  • In the Headers section of the request, expand the Request Headers parameter
  • You will see some parameters being list. Go to the 'cookie' parameter and copy the cookies 'rtFa' and 'FedAuth'
  • Paste these cookies in the Header of your Postman request. You should be able to make REST calls to SharePoint now

Of course, if you need to register an application you would have to go a lot deeper than this. Let me know if it helps.

 

Regards

,  go 

Hi @Carlos_Marins,

I have an identical problem to the one that @reshk1950 reported though not exactly the same.

I'm working on an integration that will be making CRUD HTTP requests to a SharePoint online instance (I have a Microsoft 365 developer subscription). Before developing the integration I'm testing with Postman on how to get the OAuth token and making a trial request to be sure that authorization is working.

To get the OAuth token I've followed the instructions (are there any Microsoft 'official' guidelines on how to do this?) from http://pratapreddypilaka.blogspot.com/2018/05/sharepoint-online-authentication-for.html and I manage to get an OAuth token.

When I try to use the token I got in Postman to make a simple test HTTP request (https://xxxxxx.sharepoint.com/onesite/_api/web?$select=Title) I get a 401 error with the following message {"error":"invalid_request","error_description":"Token type is not allowed."}

Can you provide some guidance on how to get 'the right' token to interact with SharePoint REST API?

Thanks in advance

Vicente

Hi @vicenteoliveirau4,

 

To get a token from your application, without user interaction, you should use the client credentials flow. Here's the official documentation from Microsoft. Since you're using Postman, notice that they provide a great collection of REST calls to get the token that you need. But before that, you should use Azure to create an app registration and set up the permissions you need. The article you mentioned uses an old and non-recommended way to authenticate to SharePoint.

 

Now, to connect directly to your SharePoint site and make your CRUD requests, I would recommend you use the PnP Core SDK, a great library for .NET that simplifies the authentication and the requests for you.

 

The problem using the client credentials flow is that, to connect to SharePoint, you need to generate and upload a certificate, which could be a pain in the butt. If you follow through the process to generate and upload a certificate to Azure, then you can use the PnP Core SDK to talk to SharePoint.

 

However, the easiest way to talk to SharePoint, without having to create and upload a certificate, would be to get a token to MS Graph, and use the /sites endpoint to talk to your SharePoint site. From there, you can make CRUD requests to your list as well, once you find the endpoint to it. The upside of this approach is that you only need a client id and a client secret to get a token from MS Graph, so you'd be able to test the requests through Postman.

 

Let me know if you need help following any of these approaches. 

Hi @Carlos_Marins and thank you for your detailed reply, The integration I'm working on is based on a low-code/no-code product and to support the interaction with SharePoint I'll have to use an HTTP request action so I won't be able to use external libraries to make it more straightforward.

I actually already have a registered Azure App that I'm using to interact with some other Microsoft APIs but I was not aware that I could use Graph to interact with SharePoint, that's great news! Basically what the integration needs to do is to eventually create a document library in a given SharePoint site and add documents to that document library, all using HTTP requests of course ... I'll give it a try using the MS Graph approach, it would for sure be my preferable choice.

Thanks a lot for your help and guidance

Vicente