Share via

Querying Sharepoint site directly from Logic App with Sharepoint Search API, how?

Tim 156 Reputation points
2022-10-14T14:58:17.293+00:00

I have a Logic App in which I want to get info/URLs for documents that match a certain query via HTTP request, and then looping over the results in a 'for each' to the read these documents using a Sharepoint task like 'Get file content'.

To do so, I see I have two options. First is the Graph API. Using this, I would have to request permissions for the Logic App system assigned managed identity. There is a guide for doing this that I already found.

However, I would much rather simply run a query to our company sharepoint using something like: https://mycompany.sharepoint.com/_api/search/query?querytext='Year:2022'. However, running this causes a 403 with Access+denied.+Before+opening+files+in+this+location%2c+you+must+first+browse+to+the+web+site+and+select+the+option+to+login+automatically. Now this seems logical to me since the app has no type of authorization with the Sharepoint site whatsoever.

Next, I try with adding the system-assigned managed identity as authorization, but this also results in a 401, which is logical since the managed identity also doesn't have any rights. But also, I can't find if the managed identity would be a valid way to identify against the 'https://mycompany.sharepoint.com/_api/' and if so, how?

Actually, I can't really find any information on how to provide credentials to the search API, let alone from Logic App. Does anybody have any clue? This is how I want the app to look like and the settings for the HTTP request:

250499-image.png

Azure Logic Apps
Azure Logic Apps
An Azure service that automates the access and use of data across clouds without writing code.
Microsoft 365 and Office | SharePoint | For business | Windows
Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Bruno Lucas 4,436 Reputation points MVP
    2022-10-17T04:10:50.45+00:00
    0 comments
  2. Tong Xu - MSFT 2,546 Reputation points Microsoft External Staff
    2022-10-17T07:48:37.13+00:00

    Since I can't open the link you posted, the analysis of the 401 error may be incorrect.
    Because the request does not contain an Authorization header, the server returns a 401 to the client and adds information to the header of response "www-authentivate". When the client encodes the username and password with Base64 encryption and sends it to the server in the Authorization header, the authentication will be successful.

    Recently, I also encountered a 401 error with postman, which is when requesting the user's token interface, all Body request parameters and headers are the same, but it is an error 401. Forgot to add the request header of Authorization. The solution is to add key-value pairs for basic authentication in the headers

    Here is my sample, when using HttpPost to log in for authentication, the username and password are placed in the request header in the form Authorization: username password. 

    public static User getUserData(String url,String userName,String userPass){  
		 //1.create HttpClient    
	try {  
		BasicHttpParams httpParams = new BasicHttpParams();  
		HttpConnectionParams.setConnectionTimeout(httpParams, 20 * 1000);  
		HttpConnectionParams.setSoTimeout(httpParams, 20 * 1000);  
		DefaultHttpClient client = new DefaultHttpClient(httpParams);  
		HttpPost post = new HttpPost(url);  
		post.setHeader("Content-Type", "application/json");//The main thing here is to figure out what your token is, pass the authentication information correctly, and this authentication information is determined by the username and password  
		//use base64 encrypt  
		byte[] tokenByte = Base64.encodeBase64((userName+":"+userPass).getBytes());  
		//turn to string  
		String tokenStr = DataTypeChange.bytesSub2String(tokenByte, 0, tokenByte.length);  
		//Basic YFUDIBGDJHFK78HFJDHF==    token  
		String token = "Basic "+tokenStr;  
		//sent message to header  
		post.setHeader("Authorization", "Basic "+token);  
		HttpResponse response = client.execute(post);  
		int statusCode = response.getStatusLine().getStatusCode();  
		String retSrc = EntityUtils.toString(response.getEntity(), "utf-8");  
		Log.i("Tag", "url=="+url);  
		Log.i("Tag", "===statuscode==="+statusCode+"===retsrc==="+retSrc);  
	} catch (UnsupportedEncodingException e) {  
		// TODO Auto-generated catch block  
		e.printStackTrace();  
	} catch (ClientProtocolException e) {  
		// TODO Auto-generated catch block  
		e.printStackTrace();  
	} catch (IOException e) {  
		// TODO Auto-generated catch block  
		e.printStackTrace();  
	}  
		return null;  
	}

    Some log in by passing usernames and passwords through post JSON data.

    You can also authenticate the login via HttpGet, in which case the URL contains the username and password information.

    ==============================================================================

    As for providing credentials, it is recommended to check the relevant documentation from Microsoft:
    https://learn.microsoft.com/en-us/windows/win32/secauthn/credential-providers-in-windows

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.