Sharepoint error creating folder using REST API in Postman

Rui Vilarinho 0 Reputation points
2023-05-26T16:03:59.66+00:00
  1. Created access token by using steps mentioned in the link https://global-sharepoint.com/sharepoint-online/in-4-steps-access-sharepoint-online-data-using-postman-tool/
  2. Added the following xml in https://xxxxx.sharepoint.com/sites/TESTE365/_layouts/15/appprincipals.aspx

<AppPrincipal> <RemoteWebApplication ClientId="xxxxxxxxxxxxx" /> </AppPrincipal> <AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Read"/> <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Write"/> </AppPermissionRequests>

  1. Sharepoint site:

enter image description here

  1. I am able to list the folders in Postman:

enter image description here

  1. I get ‘access denied’ trying to create a folder:

enter image description here

Please help

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
10,227 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. RaytheonXie_MSFT 33,486 Reputation points Microsoft Vendor
    2023-05-29T06:37:11.7+00:00

    Hi @Rui Vilarinho

    Per my test, I could reproduce your issue by the same xml. Then I change the xml to sitecollection scope and the token worked without access denied

    User's image

    Here is the api and xml for reference

    <AppPermissionRequests AllowAppOnlyPolicy="true">
    <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="Read" />
    <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="Write" />
    </AppPermissionRequests>
    
    POST https://{site_url}/_api/web/folders
    Authorization: "Bearer " + accessToken
    Accept: "application/json;odata=verbose"
    Content-Type: "application/json;odata=verbose"
    Content-Length: {length of request body as integer}
    X-RequestDigest: "{form_digest_value}"
    
    {
      "__metadata": {
        "type": "SP.Folder"
      },
      "ServerRelativeUrl": "/document library relative url/folder name"
    }
    

    And a nice document for your reference

    https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/add-in-permissions-in-sharepoint


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.