We currently have a web service which is accessing the EWS APIs for Mail, Calendar, and Contacts. For those, we used the "App-Only"/Client Credential flow to have an app-to-app auth.
Now we'd like to extend our web service to access the SharePoint/OneDrive APIs. It looks like the preferred way to access these APIs is by making a request to the Discovery service; however, it seems that the Discovery service doesn't work with App-Only auth (see: Access Office 365 Discover Service with "app-only" token).
Another approach we've tried is to simply hard-code the SharePoint endpoint URLs.
* Connection #0 to host devunit1-my.sharepoint.com left intact
{
  "@odata.context": "https://devunit1-my.sharepoint.com/_api/v2.0/$metadata#me",
  "@odata.type": "#microsoft.coreServices.currentUserRequestContext",
  "@odata.id": "https://devunit1-my.sharepoint.com/_api/v2.0/me",
  "@odata.editLink": "me",
  "id": null
}
We can hit the server, but trying to access /files gives us an error:
{
  "error": {
    "code": "-1, Microsoft.Office.Server.UserProfiles.UserNotFoundException",
    "message": "User 'i:0i.t|00000003-0000-0ff1-ce00-000000000000|app@sharepoint' doesn't exist in UPA by UPN or SID, and user with this SID was not found in AD."
  }
}
The third way we've tried is by using the Office365 Unified API using /users/<OMITTED User.objectId>/drive, which fails, giving:
{"odata.error"=>{"code"=>"Request_ResourceNotFound", "message"=>{"lang"=>"en", "value"=>"Resource 'drive' does not exist or one of its queried reference-property objects are not present."}}}
Is there something that we're doing wrong? Is it possible to access SharePoint/OneDrive data (either through the Files API or some other API) with App-Only credentials? If not, is there some workaround we can use, or do we have to create an entirely separate auth flow just to use the Discovery service?