Share via

Support Required for Shared Excel File Read/Write Access via Microsoft Graph API Using App-Only Permissions

Robert Jennrich 0 Reputation points
2025-06-25T08:00:23.8566667+00:00

Dear Microsoft Support Team,

We are currently developing a SaaS software using React for the frontend and Python with Django REST Framework for the backend.

As part of our product functionality, we need to integrate Microsoft Excel (online) with our backend system to enable automated data export and import processes. The intended workflow is as follows:

  • A user shares an Excel file with editor rights via our platform.
  • Our system needs to perform read and write operations on that shared file automatically.
  • Specifically, in one of our modules (KPI), selected KPI data should be exported into the shared Excel file.
  • The user can update this data in the file, and our backend will have a scheduled background job that runs daily to fetch and verify the updated data and sync it with our system.

During our research, we found that Microsoft Graph API supports interacting with Excel files. However, we’ve encountered a limitation regarding permissions:

  • Delegated permissions allow shared Excel file read/write access, but require a signed-in user.
  • App-only permissions, which are essential for background tasks, do not appear to support shared Excel file read/write access.

Given our use case involves background jobs (without user interaction), App-only access is crucial, but we still need full read/write access to the shared Excel file.

Our key question is:

Is there any way to achieve read/write access to a shared Excel file using App-only permissions with Microsoft Graph API?

If not directly supported, could you please advise if there is any alternative approach or recommended best practice to achieve this functionality securely and efficiently?

We would greatly appreciate your guidance on this matter.

Thanks & regards.

Microsoft Security | Microsoft Graph
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Aashutosh Tiwari - MSFT 435 Reputation points Microsoft External Staff
    2025-06-25T09:09:42.85+00:00

    Hi Robert,

    Thanks for posting questions on Microsoft Forum

    Currently, Microsoft Graph API does not support read/write access to shared Excel files using App-only permissions. This is a known constraint, as App-only permissions are scoped to resources owned by the app (like SharePoint sites or OneDrive drives the app has been explicitly granted access to), and not to files shared by users.

    However, there are a couple of workarounds and best practices that might help you achieve your goal:

    Option 1: Use a Dedicated Service Account + Delegated Permissions

    Create a dedicated Microsoft 365 user account (e.g., ******@yourdomain.com) and have users share the Excel files with this account.

    Authenticate your backend using delegated permissions via this account using the OAuth 2.0 Resource Owner Password Credentials (ROPC) flow or interactive token caching.

    This allows your backend to act on behalf of the service account and access shared files.

    Option 2: Use App-Only Access with SharePoint Sites and Sites.Selected Permission

    If the Excel files are stored in SharePoint document libraries (including OneDrive for Business), you can:

    Move or copy the shared Excel files to a SharePoint site or OneDrive folder owned by your app or a service account.

    Grant your app Sites.Selected permission and explicitly assign access to the specific site or drive using PowerShell or Microsoft Graph.

    Use App-only access to read/write Excel files stored in that location.

    This approach is more secure and scalable for background jobs.
    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.