Question 105804 in Azure Question posted in
The official documentation to get you started can be found here.

Azure – SharePoint Online Webhook Subscription: "Access is Denied" Error?

I have been following this tutorial on how to create a SharePoint webhook subscription, and after authenticating and getting the access token, actually trying to send the request to add a webhook subscription to a SharePoint list through Postman gives me an "Access is denied HRESULT: 0x80070005" error:

Error message

Going into the Postman console to see a more verbose error message shows "917656; Access+denied.+Before+opening+files+in+this+location%2c+you+must+first+browse+to+the+web+site+and+select+the+option+to+login+automatically."

I have tried all of the following:

  1. Gone into SharePoint to enable Sites.Manage.All permissions for my Azure AD App
  2. Reauthorized with several accounts with various access levels
  3. Verified that ngrok, my webhook receiver, and Azure AD App were all running and all connection strings/client ids/secrets were valid.

Could it be that I’m missing something else in regards to SharePoint permissions for my Azure AD App, or is it another issue?

Tags:

2

Answers


  1. 0

    I tried to reproduce in my environment its working fine getting the access token added webhook subscription to a SharePoint list through Postman

    First, Check whether you are added content-type and accept in header
    enter image description here

    This error may cause because of some security issue postman is not authenticated and not authorized to get data from the SharePoint. For this try to register an app using your URL modify at end /_layouts/15/appregnew.aspx

    For sample:

    https://imu.sharepoint.com/sites/mirror/_layouts/15/appregnew.aspx

    Hope you have access, try to register your app as below:
    enter image description here

    Here, you need to give permission to that particular app such as Full control permission as below snip link :
    enter image description here

    In App’s permission request XML apply permission as below:

    enter image description here
    And, Click Create and pop up will display trust it. click trust it site setting tab will display if you click that site collection app permission your postman right side will display client id@tenant id
    enter image description here

    • To get the access token click launchpad -> create request ->https://accounts.accesscontrol.windows.net/Tenant ID()/tokens/OAuth/2/

    • Try to add values in Body tab like
      grant_type – client_credentials
      Client_id – ClientID@TenantID
      Client_secret – Clientsecret
      resource – resource/siteDomain@TenantID

    Make sure in your Url remove parenthesis in your TenanID and site domain is in your Url like ***.sharepoint.com
    enter image description here

    Finally, i have added Authorization in header and in value Bearer access token make sure to remember space between bearer and Your access token, I am getting result successfully without any Access Denied error.
    enter image description here

    For your Reference :

    OfficeDev/TrainingContent

    Login or Signup to reply.
  2. 0

    Revisit these things

    1. App registered in AD is having AllSites.Manage permission (delegated) and admin consent granted.
    2. While getting access token via postman, use scope as https://yourtenant.sharepoint.com/.default
    3. headers : Content-Type = application/json, Accept = application/json;odata=verbose
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search