SharePoint Graph API Sharing Folder

%3CLINGO-SUB%20id%3D%22lingo-sub-2669294%22%20slang%3D%22en-US%22%3ESharePoint%20Graph%20API%20Sharing%20Folder%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2669294%22%20slang%3D%22en-US%22%3E%3CP%3EI%20am%20currently%20creating%20a%20PowerApp%20for%20sharing%20files%2Ffolders%20in%20SharePoint.%20For%20sharing%20I%20am%20using%20the%20Graph%20API.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20am%20using%20the%20following%20API%20endpoint%3A%3CBR%20%2F%3E%3CA%20target%3D%22_blank%22%20rel%3D%22noopener%22%3Ehttps%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fsites%2F%3CSITE-ID%3E%2Fdrive%2Fitems%2F%3CITEM-ID%3E%2Finvite%3C%2FITEM-ID%3E%3C%2FSITE-ID%3E%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EUsing%20the%20following%20body%2FJSON%3A%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-json%22%3E%3CCODE%3E%7B%0A%20%20%22recipients%22%3A%20%5B%0A%20%20%20%20%7B%0A%20%20%20%20%20%20%22objectId%22%3A%20%226a078e6c-cecd-4906-a1df-83f6fc1cbcae%22%0A%20%20%20%20%7D%0A%20%20%5D%2C%0A%20%20%22message%22%3A%20%22Here's%20the%20file%20that%20we're%20collaborating%20on.%22%2C%0A%20%20%22requireSignIn%22%3A%20true%2C%0A%20%20%22sendInvitation%22%3A%20true%2C%0A%20%20%22roles%22%3A%20%5B%0A%20%20%20%20%22write%22%0A%20%20%5D%0A%7D%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFor%20the%20Graph%20API%2C%20I%20created%20an%20app%2C%20with%20all%20the%20required%20delegated%20permissions.%3CBR%20%2F%3EThe%20authentication%20is%20done%20with%20a%20secret.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20it%20works%20until%20the%20setting%20to%20limit%20external%20sharing%20to%20a%20Specific%20Group%20is%20set.%3CBR%20%2F%3EThen%20I%20get%20the%20error%20message%20that%20sharing%20is%20disabled%20on%20the%20SharePoint%20site.%3CBR%20%2F%3EEven%20though%20the%20app%20respectively%20the%20service%20principal%20is%20member%20in%20the%20group%20for%20external%20sharing.%3C%2FP%3E%3CP%3E%3CBR%20%2F%3EI%20know%20the%20following%20alternative%2C%20but%20it%20does%20not%20meet%20my%20requirements%3A%3CBR%20%2F%3EAllow%20sharing%20only%20with%20existing%20guests%20and%20disable%20inviting%20guests%20by%20a%20normal%20user%20in%20Azure%20AD.%20Problem%20the%20sharing%20is%20possible%20with%20all%20existing%20guests.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDoes%20anyone%20have%20an%20idea%20how%20I%20can%20solve%20the%20problem%20or%20has%20any%20other%20suggestions%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2669294%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EGraph%20API%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESharePoint%20Online%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESharePoint%20Online%20sharing%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Frequent Visitor

I am currently creating a PowerApp for sharing files/folders in SharePoint. For sharing I am using the Graph API.

 

I am using the following API endpoint:
https://graph.microsoft.com/v1.0/sites/<site-ID>/drive/items/<item-ID>/invite

 

Using the following body/JSON:

{
  "recipients": [
    {
      "objectId": "6a078e6c-cecd-4906-a1df-83f6fc1cbcae"
    }
  ],
  "message": "Here's the file that we're collaborating on.",
  "requireSignIn": true,
  "sendInvitation": true,
  "roles": [
    "write"
  ]
}

 

For the Graph API, I created an app, with all the required delegated permissions.
The authentication is done with a secret.

 

So it works until the setting to limit external sharing to a Specific Group is set.
Then I get the error message that sharing is disabled on the SharePoint site.
Even though the app respectively the service principal is member in the group for external sharing.


I know the following alternative, but it does not meet my requirements:
Allow sharing only with existing guests and disable inviting guests by a normal user in Azure AD. Problem the sharing is possible with all existing guests.

 

Does anyone have an idea how I can solve the problem or has any other suggestions?

0 Replies