Microsoft Graph API: SharePoint: Upload files into restricted folders

totally_gizmo 96 Reputation points
2023-01-09T19:01:12.25+00:00

I was unable to find any documentation on using the Graph API to upload documents to some of the restricted folders such as sharepoint.com/_catalogs/masterpage/Forms directory. Would the use of the Permissions API for the Azure application that we run Graph API enable the use of the regular upload via Drive Item API into these directories or is there another call that will be rolling out to enable the update to directories like sharepoint.com/_catalogs/themes/ ?

If this functionality is not going to be available through the Graph API, is there a non-deprecated API that will allow for the uploading of files? Using an GUI would not be a satisfactory solution.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,515 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,561 questions
SharePoint Server Development
SharePoint Server Development
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Development: The process of researching, productizing, and refining new or existing technologies.
1,569 questions
0 comments
Accepted answer
  1. RaytheonXie_MSFT 30,906 Reputation points Microsoft Vendor
    2023-01-10T02:52:59.203+00:00

    Hi @totally_gizmo Per my test, the Master Page Gallery is restricted. When I try to upload a file I will get "Access Denied" error even if I am a Site Collection Admin. There is a "Deny" rule that restricts access to Master Page Gallery. And this rule is not a part of any Permission levels available on the site collection. We can set it using SharePoint Online Management Shell

    Connect-SPOService https://&ltyourtenant>-admin.sharepoint.com
Set-SPOSite -Identity https://<yourtenant>.sharepoint.com/sites/<team-site> -DenyAddAndCustomizePages $false

    After that the permissions in Master Page gallery work as expected and the Deny rule is gone.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment". Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest