OneDrive API: Unauthenticated, Must be authenticated to use '/drive' syntax

3
votes

I am using OneDrive api to upload files in my Ruby on Rails application and OneDrive API started giving the unauthenticated error on uploading file using the endpoint /drive/root:/#{filename}:/content. The error is given below:

{"error"=>{"code"=>"unauthenticated", "message"=>"Must be authenticated to use '/drive' syntax"}}

Then I got a new refresh_token by following the OneDrive Docs using scope files.readwrite offline_access.

For OneDrive authentication, I am sending POST request to the endpoint https://login.microsoftonline.com/common/oauth2/v2.0/token to get access_token using the refresh_token with the following headers and body:

headers = { 'Content-Type' => 'application/x-www-form-urlencoded' }
body = {
  'client_id'     => "<Client ID>",
  'grant_type'    => "refresh_token",
  'redirect_uri'  => "<Redirect URI>",
  'client_secret' => "<Client Secret>",
  'refresh_token' => "<Refresh Token>",
}

Am I using the correct endpoint to get access_token from refresh_token?

The base uri I am using to upload files to OneDrive is https://api.onedrive.com/v1.0

Can anyone please help me why I am I getting unauthenticated error or how can I use '/drive' syntax for authentication?

Thanks in advance!

1
restapiauthenticationofflineonedrive
So how are you making your request, and how are you supplying the token while doing so?CBroe
Thanks for asking. I receive an access_token from the POST request mentioned above. I set the request header "Authorization" to "bearer <access_token>" and 'Content-Type' to 'text/plain' in the upload file request. Then I send a "PUT" request to "/drive/root:/#{filename}:/content" endpoint and send File.binread(file.path) in request body. Base uri for my requests is api.onedrive.com/v1.0. Thank you!Faisal Raza

1 Answers

5
votes

Solved:

In my case, I was using "Code flow" for the Authentication and using the following url to get code in parameter:

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=CLIENT_ID&scope=files.readwrite offline_access&response_type=code&redirect_uri=REDIRECT_URI

Visiting the above url opened the redirect url with a long code parameter which I was using to get access_token and refresh_token but that access_token was not working on uploading files to OneDrive and retuning "unauthenticated" error mentioned in question.

After doing research, I found that the url I am using to get code for OneDrive authentication is for Microsoft Graph. The correct url for Microsoft Account is given below:

https://login.live.com/oauth20_authorize.srf?client_id=CLIENT_ID&scope=onedrive.readwrite offline_access&response_type=code&redirect_uri=REDIRECT_URI

Visiting the above url in browser redirected me to the page with code parameter as well but it was small code like K9vb4e786-afg6-1a3b-1234-12abc01234ca.

I used this code to get access_token and refresh_token using the below POST request:

body = {
  client_id: "CLIENT_ID",
  redirect_uri: "REDIRECT_URI",
  client_secret: "CLIENT_SECRET",
  code: "CODE",
  grant_type: "authorization_code"
}
headers = { 'Content-Type' => 'application/x-www-form-urlencoded' }

r=HTTParty.post('https://login.live.com/oauth20_token.srf', headers: headers, body: body)

This request returned access_token and refresh_token in response. I used this refresh_token to get an access_token in each request and file uploaded successfully.

Conclusion: I was using Microsoft Graph authentication process ie, https://docs.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/graph-oauth which was incorrect. Then I followed Microsoft Account authentication ie, https://docs.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/msa-oauth which resolved the issue.

Update:

Later I used my Office-365 business account for OneDrive file uploading. For this account, OneDrive authentication process is different ie, https://docs.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/aad-oauth and it worked.