Microsoft 365 and Office | SharePoint | Development
The process of building custom applications and tools that interact with Microsoft SharePoint, including SharePoint Online in Microsoft 365.
Error inside my azure function:- This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 90%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJJ%3C/text%3E%3C/svg%3E)
john john
1,031
Reputation points
I have this CSOM code inside my Azure Function inside Visual Studio 2022:-
var certificate = GetCertificateByThumbprint(Environment.GetEnvironmentVariable("CertificateThumbPrint"));
// Set up the MSAL client
var clientApplication = ConfidentialClientApplicationBuilder
.Create(Environment.GetEnvironmentVariable("ClientId"))
.WithCertificate(certificate)
.WithAuthority($"https://login.microsoftonline.com/{Environment.GetEnvironmentVariable("TenantId")}")
.Build();
// Acquire an access token
var scopes = new[] { Environment.GetEnvironmentVariable("SiteUrl")+ ".default" };
var authenticationResult = await clientApplication.AcquireTokenForClient(scopes).ExecuteAsync();
var accessToken = authenticationResult.AccessToken;
// Set up the SharePoint context
var clientContext = new ClientContext(Environment.GetEnvironmentVariable("SiteUrl"));
clientContext.ExecutingWebRequest += (sender, e) =>
{
e.WebRequestExecutor.RequestHeaders["Authorization"] =
"Bearer " + accessToken;
};
clientContext.Load(clientContext.Web);
clientContext.ExecuteQuery();
but i am getting this error on var authenticationResult = await clientApplication.AcquireTokenForClient(scopes).ExecuteAsync();
{"AADSTS500011: The resource principal named https://****.sharepoint.com/sites/DocumentManagement was not found in the tenant named ***. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant.\r\nTrace ID: 99efd092-ee23-4519-9c41-43f2d8db2101\r\nCorrelation ID: f4aa1bb1-2209-4674-a763-652fa123d554\r\nTimestamp: 2023-02-27 14:51:35Z"}
Here is the Azure Active Directory APP i am using, which i configured it to have access to a single site using this powershell command:-
$siteUrl = "https://***.sharepoint.com/sites/DocumentManagement/"
$clientId = "***"
$certThumbprint = "***"
$tenant = "***.onmicrosoft.com"
Connect-PnPOnline -Url $siteUrl -Interactive
$writeperm = Grant-PnPAzureADAppSitePermission -Permissions "Write" -Site $siteUrl -AppId $clientId -DisplayName "FolderStructure"
$PermissionId = Get-PnPAzureADAppSitePermission -AppIdentity $clientId
Set-PnPAzureADAppSitePermission -Site $siteurl -PermissionId $(($PermissionId).Id) -Permissions "FullControl"
Here is a screen shot of my Azure AD App:-
Any advice on this please? the error is saying that it can not access this site https://***.sharepoint.com/sites/DocumentManagement/ which is a valid site inside my tenant and i have granted the Azure Ad APP full control on it (as shown in the power shell script)
Microsoft 365 and Office | SharePoint | Development
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
-
JamesTran-MSFT 37,256 Reputation points Microsoft Employee Moderator2023-03-02T00:39:36.4833333+00:00 Thank you for your post and I apologize for the delayed response!
Error Message:
AADSTS500011: The resource principal named https://****.sharepoint.com/sites/DocumentManagement was not found in the tenant named ***. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant....From your error message, I was able to look up your Correlation ID and Timestamp but didn't find any information besides what's shown in the error - "The resource principal named ... was not found in the tenant named...". To gain a better understanding of your issue, can you share the documentation that you're following so I can try to reproduce the issue on my end?
I also found a related issue within Stack Overflow that looks like it's actively being worked on - This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant
Any additional information would be appreciated.
Thank you for your time and patience throughout this issue!
-
JamesTran-MSFT 37,256 Reputation points Microsoft Employee Moderator
2023-03-06T21:47:59.3433333+00:00 I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?
Sign in to comment
Sign in to answer