Unable to access contents of folder shared with user in OneDrive via REST API

0
votes

We have a Windows client application that integrates with OneDrive via the Graph REST API. Recently we began adding support for content that has been shared with the current user, specifically folders. We can access those items via:

GET https://graph.microsoft.com/v1.0/me/drive/sharedWithMe

but have run into an issue accessing the items that are returned. When I try:

GET https://graph.microsoft.com/v1.0/drives/RemoteDriveID/items/RemoteItemID/children

I get a 404 error with "The resource could not be found." When I try to put the remote site ID in there (both just the site ID and the triplet described here) in this format:

GET https://graph.microsoft.com/v1.0/sites/RemoteSiteID/drives/RemoteDriveID/items/RemoteItemID

I get a 400 error with "Provided id is not suitable for the current host". All IDs that I'm using are from the remoteItem facet, as per the documentation. Our App has Files.ReadWrite.All and Sites.ReadWrite.All permissions. All other calls to the server work so it's not an OAuth or basic request issue. From other posts it seems like other people either don't have this issue or never got their problem got resolved.

Our end-goal is to have a folder shared with a user that our app syncs content to and from.

1
restmicrosoft-graph-apionedrive

1 Answers

0
votes

It has been a while since you asked @JackHunsinger, but fwiw the folder sharing scenario works for me.

I am using the access token obtained for user A and creating the sharing permission using a request like this:

POST https://graph.microsoft.com/v1.0/drives/<driveId>/items/<folderId>/invite
Content-type: application/json
{
    {
        "recipients":
        [
          { "email": "<user B email>" }
        ],
        "requireSignIn": true,
        "roles": [ "write" ]
    }
}

getting back this reply:

{
    {

   "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#Collection(permission)",
        "value":
        [
            {
                "@odata.type": "#microsoft.graph.permission",
                "id": "<permissionId>",
                "roles": [ "write" ],
                "shareId": "<shareId>",
                "grantedTo":
                {
                    "user": { "displayName": "<user B>", "id":"<user B id>" }
                },
                "invitation":
                {
                    "email": "<user B email>",
                    "signInRequired": true,
                    "invitedBy": { "user": { "id": "<user B email>" } }
                },
                "link": { "webUrl": "https://1drv.ms/u/s!<shareId>" }
            }
        ]
    }
}

Later, user B is retrieving the folder contents like:

GET https://graph.microsoft.com/v1.0/drives/<driveId>/items/<folderId>?$expand=children

where driveId and folderId are the same in both requests. I.e. user B is using the remoteItem facet, just like it was written in the question.

Maybe comparing the above permission json with what you get, will help you track down your issue :-)

In cases where the permission is not created by your app, you may find it useful to inspect the permissions for the folder in question by sending this as user A:

GET https://graph.microsoft.com/v1.0/drives/<driveId>/items/<folderId>/permissions

Notes of curiosity (perhaps interesting for @DanSilver ...):

  • It seems a bit odd by the way, that <user B email> shows up under "invitedBy" in the permission - I would expect to see <user A email> there...

  • It is also noteworthy - I think - that the shareId is not really needed for sharing with other OneDrive users. It is only of use with the /shares endpoint thru which it seems only reading is possible.