Getting 403 error while uploading document using SharePoint REST API with Access Token

Occasional Visitor

I tried as below but it's not working.

STEP 1

Registered the SharePoint Add-In using AppRegNew.aspx (https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/register-sharepoint-add-ins)

Please note, following XML is used to apply permissions on the https://<SharePointWebsite>/_layouts/15/AppInv.aspx

 

 

<AppPermissionRequests AllowAppOnlyPolicy="true">
  <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Manage"/>
</AppPermissionRequests>

 

 

STEP 2

Generated the token successfully using below code.

 

public async Task<string> GetAccessToken()
{
    // token end-point
    Uri uri = new Uri(string.Format("https://accounts.accesscontrol.windows.net/{0}/tokens/OAuth/2", GlobalConfig.LS_AAD_TENENT_ID));

    // Populate the form variable
    var formVariables = new List<KeyValuePair<string, string>>();
    formVariables.Add(new KeyValuePair<string, string>("grant_type", "client_credentials"));
    formVariables.Add(new KeyValuePair<string, string>("client_id", string.Format("{0}@{1}", GlobalConfig.SHAREPOINT_APP_CMA_ADD_IN_CLIENT_ID, GlobalConfig.SHAREPOINT_TENANT_ID)));
    formVariables.Add(new KeyValuePair<string, string>("client_secret", GlobalConfig.SHAREPOINT_APP_CMA_ADD_IN_CLIENT_SECRET));
    formVariables.Add(new KeyValuePair<string, string>("resource", string.Format("{0}/{1}@{2}", GlobalConfig.SHAREPOINT_PRINCIPAL_ID, GlobalConfig.SHAREPOINT_SUB_DOMAIN, GlobalConfig.SHAREPOINT_TENANT_ID)));

    var formContent = new FormUrlEncodedContent(formVariables);

    var response = await HttpRestClient.PostAsync(uri, formContent);
    if (!response.IsSuccessStatusCode)
    {
        string error = await response.Content.ReadAsStringAsync();
        object formatted = JsonConvert.DeserializeObject(error);
        throw new Exception("Error while retrieving SharePoint access token: \n" + JsonConvert.SerializeObject(formatted, Formatting.Indented));
    }

    return await response.Content.ReadAsStringAsync();
}

 

 

STEP 3

Trying to upload the document using below code gives 403 forbidden error when it executes SendAsync(..).

 

 

public async Task<string> PostFile(string endpointUri, string accessToken, FileData fileData)
{
    string restUrl = string.Format("{0}{1}", HttpRestClient.BaseAddress, endpointUri);

    HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, restUrl);
    request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

    MultipartFormDataContent multiPartContent = new MultipartFormDataContent();
    ByteArrayContent byteArrayContent = new ByteArrayContent(fileData.FileBytes);
    byteArrayContent.Headers.Add("Content-Type", fileData.FileContentType);
    multiPartContent.Add(byteArrayContent, fileData.FileName, fileData.FileName);
    request.Content = multiPartContent;

    request.Content.Headers.ContentType = MediaTypeWithQualityHeaderValue.Parse("application/json;odata=verbose");
    request.Content.Headers.Add("Content-Length", $"{fileData.FileBytesLength}");            

    HttpResponseMessage response = await HttpRestClient.SendAsync(request);

    if (!response.IsSuccessStatusCode)
    {
        string error = await response.Content.ReadAsStringAsync();
        object formatted = JsonConvert.DeserializeObject(error);
        throw new Exception("An error occurred while executing the PostFile(..) method: \n" + JsonConvert.SerializeObject(formatted, Formatting.Indented));
    }

    return await response.Content.ReadAsStringAsync();
}

 


Please note, the GET request works using the access token for this end-point /_api/web/lists/GetByTitle('Documents'). But the POST does not work using the same access token.

 

Can you please advise?

Thanks Hitesh

 

0 Replies