How to use SharePoint search query with SharePoint Granular access permissions?
I want to execute SharePoint search API with granular access for that I've changed 'Sites.ReadWrite.All' permission to 'Sites.Selected' permission, so that application would have all sites access but during search I'm getting unauthorize error ``` {"odata.error":{"code":"-1, Microsoft.Office.Server.Search.REST.SearchServiceException","message":{"lang":"en-US","value":"Unauthorized."}}} ``` Also tried to give sites.selected permission at tenant level, that also not works, if the only solution is to give 'Sites.ReadWrite.All' or 'Sites.Read' then there is no use of granular level access implementation Sites.Read.all will allow all sites if granted. My query is similar to below -: https://tenant.sharepoint.com/_api/search/query?querytext='*+AND+(Path:"https://tenant.sharepoint.com/sites/SITE1/RECORDS" OR Path:"https://tenant.sharepoint.com/sites/SITE2/RECORDS")'&trimDuplicates=false&selectProperties='Column1,Column2'&refiners='Column1OWSTEXT'&refinementFilters='Column1:equals(\"xxxxx\")'&rowLimit=5 Some other references regarding my question. https://sharepoint.stackexchange.com/questions/306397/how-to-use-sharepoint-search-query-with-sharepoint-granular-access-permissions?newreg=dbcbb62ae019481c9a864f537ecd0faf https://sharepoint.stackexchange.com/questions/306432/is-that-sites-selected-permissions-level-allows-the-sharepoint-online-global Really appreciate any response on this or alternative approach to to achieve this.
Forward Files when uploaded from Teams to another server
Hi Fellow developers, I have a project requirement wherein whenever a file is being sent in the team channels of my organization, I want them to be immediately sent to another server for sanity scanning. Can this be achieved from SPFx for multiple lists as each channel will have its own list? I have already looked into the documentation and the best I could think of was having a provider-hosted add-in which will have Graph API's change notification subscription for all the lists associated with all the channels in the teams of my organization. However, it seems to me a not-so optimal approach. Is there a better way of achieving this which I could not figure out from the Sharepoint, Teams and Graph API Documentations? Please let me know, it will be a great help. Thank you!
Graph Lists and Sites Permission endpoint
I just found https://docs.microsoft.com/en-us/graph/api/site-post-permissions?view=graph-rest-1.0&tabs=http in the microsoft docs: "Create a new https://docs.microsoft.com/en-us/graph/api/resources/permission?view=graph-rest-1.0 object on a site." But what does this mean? I tried the endpoint but it seems not to be possible to give people permissions in SharePoint Online through this endpoint. What is this supposed to do exactly: POST https://graph.microsoft.com/v1.0/sites/{sitesId}/permissions Content-Type: application/json { "roles": ["write"], "grantedToIdentities": [{ "application": { "id": "89ea5c94-7736-4e25-95ad-3fa95f62b66e", "displayName": "Contoso Time Manager App" } }] } How can "apps" have permissions in SharePoint? I always thought only SharePoint groups/users or Azure AD groups or users can have permissions in SharePoint. What does it mean if an "app" gets permission? And why is this only allowed on site level? Can't I give an app also permission to just a library or list item. Where is my misunderstanding here? And is it possible at all to give certain users SharePoint permissions for a single library through the Graph API?
SharePoint Graph API Sharing Folder
I am currently creating a PowerApp for sharing files/folders in SharePoint. For sharing I am using the Graph API. I am using the following API endpoint: https://graph.microsoft.com/v1.0/sites/<site-ID>/drive/items/<item-ID>/invite Using the following body/JSON: { "recipients": [ { "objectId": "6a078e6c-cecd-4906-a1df-83f6fc1cbcae" } ], "message": "Here's the file that we're collaborating on.", "requireSignIn": true, "sendInvitation": true, "roles": [ "write" ] } For the Graph API, I created an app, with all the required delegated permissions. The authentication is done with a secret. So it works until the setting to limit external sharing to a Specific Group is set. Then I get the error message that sharing is disabled on the SharePoint site. Even though the app respectively the service principal is member in the group for external sharing. I know the following alternative, but it does not meet my requirements: Allow sharing only with existing guests and disable inviting guests by a normal user in Azure AD. Problem the sharing is possible with all existing guests. Does anyone have an idea how I can solve the problem or has any other suggestions?Graph created OneNote not recognized as "Site-Notebook"
When creating a new Office365 Group, the "Site Notebook" is not provisioned until the Notebook link is clicked in the left navigation of the associated SharePoint site. I'm trying to automate this process by creating the Notebook through the GraphAPI (/groups/{id}/onenote/notebooks) - which works fine. However, the newly created notebook is not coupled to the navigation link in the left menu of the SharePoint site. This results in a second notebook being created when clicking the link. Is there a way to indicate that the notebook I created should be used as the Site Notebook? PS: I also noticed that Notebooks are created in Shared Documents library, and the "default" one in SiteAssets.Custom solution with the MigrationTool DLLs
Had anyone have success writing custom VS solution using the DLLs in C:\Users\{username}\Documents\WindowsPowerShell\Modules\Microsoft.SharePoint.MigrationTool.PowerShell It looks like the tool is using CSOM. I am interested in the ability to copy files preserving the "Created By" from SP2013 to SPO. Any idea? Thx
Need help on Sharepoint query search building
Hi, I am trying to integration Servicenow with Sharepoint to find the files available in Sharepoint Sites which i acheived using "https://graph.microsoft.com/v1.0/drives/drive-id/root/search(q='sharepoint')" & it is working perfectly fine but it is working only for specific drive/site. Now the requirement is when user search with a query word it should search in all the sites available in our Sharepoint and give the response after lots of googling i found an article that i thought suits to me : https://docs.microsoft.com/en-us/sharepoint/dev/general-development/sharepoint-search-rest-api-overviewhttps://docs.microsoft.com/en-us/sharepoint/dev/general-development/sharepoint-search-rest-api-overview When i try with the given ex: GET http://mydev.sharepoint.com/_api/search/query?querytext='sharepoint' in Graph API explorer it is not even the running and i am not able to see any response. Later the tried the same by giving the End point URI in Servicenow and i am getting Invalid User & Passworkd & Response: 401. Note: My Servicenow instance is already configured with oAuth and it is working for specific Drive search but when i am trying with Sharepoint rest api search i am getting authentication issue do i need to proceed with other Authentication method ?
