Sharepoint (graph) API accessing OneDrive file list - 403 / 404 error

2
votes

Using Postman on windows with a different user account to the onedrive user that I am trying to access, we have a list of a users personal files 'My files' shown in Sharepoint for the users OneDrive at URL:

https://xxxxxxxxxuk-my.sharepoint.com/personal/rob_xxxxxxxxxlimited_com/_layouts/15/onedrive.aspx

I have registered an Add-In here

https://xxxxxxxxxuk-my.sharepoint.com/personal/rob_xxxxxxxxxlimited_com/_layouts/15/appregnew.aspx

I generated a clientid, secret, App Domain = localhost, redirect url = https://localhost

I have granted permissions with appinv.aspx same place, clicked 'Trust It':

I have obtained the TenantId and resource by going to client.svc. I can get an access_token with all this information no trouble:

grant_type  client_credentials

client_id   xxxxxxx-dbce-4a7e-bfd4-b7954546d4f8@xxxxxxx-f51f-4360-8e47-8ac7c82aecf7

 client_secret  xxxxxxx9SDjt6ELYGS4PP5NFLWxCnAWDSvxiH78fzDE=

resource    00000003-0000-0ff1-ce00-000000000000/xxxxxxxxuk-my.sharepoint.com@xxxxxxx-f51f-4360-8e47-8ac7c82aecf7

The access token returned appears to work - initially we were getting token type is not allowed but we run this in powershell and that god rid of that error: set-spotenant -DisableCustomAppAuthentication $false

What I want to do is get a list of files and folders at this location, and ultimately drill down to a 'Recordings' folder and download items. I'm unsure of the syntax.

https://xxxxxxxxxuk-my.sharepoint.com/personal/rob_xxxxxxxxxlimited_com/_layouts/15/_api/web/lists/getbytitle('My files')/items

This returns a 404. I'm using the Authorization: Bearer eyJ... as obtained in previous steps and Accept application/json;odata=verbose headers.

same 404 for

https://xxxxxxxxxuk-my.sharepoint.com/personal/rob_xxxxxxxxxlimited_com/_layouts/15/_api/web?$select=Title

Can anyone help with why I'm getting this? Is there a more basic API request that is more a 'hello world' to this folder?

These URLs are different I get a 403 you do not have permission:

https://xxxxxxxxxuk-my.sharepoint.com/_api/web/lists/getbytitle('My files')/items?$select=Title
https://xxxxxxxxxuk-my.sharepoint.com/_api/web?$select=Title
1
sharepointonedrive

1 Answers

1
votes

You may need to grant APP permission to the registered app as you're using credential flow:

  1. Register app

enter image description here

  1. Grant permissions(_layouts/15/appinv.aspx)

    <AppPermissionRequests AllowAppOnlyPolicy="true">
    <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl" />
</AppPermissionRequests>

  2. Acquire token

enter image description here

  1. Send Api request:

enter image description here

More referenes:

BR