Share via

Sharepoint Search API - No User or App Context found

Valentine2922 0 Reputation points
2023-06-20T17:30:22.9666667+00:00

I have an application that I would like to be able to search a specific Sharepoint tenant, in my example, tenant is "ABC".

I have followed this guide to setup the application:

https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs

The article refers to this authentication method as "ACS app-only access token"; when I connect with PowerShell, I am using the "SharePoint ACS (Legacy) App Only" authentication approach.

My connection appears to work just fine for general Sharepoint API commands. For example, I can do things like:

https://[mydomain].sharepoint.com/sites/ABC/_api/web

and use my Bearer token to get valid results.

The problem comes when I attempt to hit the search API:

https://[mydomain].sharepoint.com/sites/ABC/_api/search/query?querytext='math'

The API returns a "400 Bad Request" with this response: 

No User or App Context found

I have tried in both Postman and using PowerShell and I get the same response either way.

Googling, I have found information like this:

https://learn.microsoft.com/en-us/answers/questions/855706/csom-microsoft-sharepoint-client-serverexception-n

Which suggests the problem is a permissions issue.

I have attempted to modify my permissions, and this is what I have currently setup as permissions for my app:

https://[my domain].sharepoint.com/sites/ABC/_layouts/15/appinv.aspx

AppPermissionRequests AllowAppOnlyPolicy="true">

<AppPermissionRequest Scope=https://sharepoint/content/sitecollection Right="FullControl" />

<AppPermissionRequest Scope=https://sharepoint/content/sitecollection/web Right="FullControl" />

<AppPermissionRequest Scope=https://sharepoint/taxonomy Right="FullControl" />

<AppPermissionRequest Scope=https://sharepoint/content/tenant Right="FullControl" />

</AppPermissionRequests>

 

 

Admin: https://[my domain]-admin.sharepoint.com/_layouts/15/appinv.aspx

<AppPermissionRequests>

  <AppPermissionRequest Scope=http://sharepoint/search Right="QueryAsUserIgnoreAppPrincipal" />

</AppPermissionRequests>

This article suggested we needed to have "FullControl" on the tenant, which we have done, but still no luck:

https://learn.microsoft.com/en-us/archive/blogs/vesku/using-add-in-only-app-only-permissions-with-search-queries-in-sharepoint-online

I have confirmed the issue using both Postman and PowerShell. In PowerShell, I first authenticate with our client_id and secret (Connect-PnPOnline), and then run Submit-PnPSearchQuery to trigger the error.

Any ideas what might be wrong?

Microsoft 365 and Office SharePoint Development

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-06-21T08:12:11.99+00:00

    Hi@Valentine2922

    Judging from the error message you provided, the reasons for the current problem are as follows:

    1. Verify the authentication method: Make sure you are using the correct authentication method to access the SharePoint Search API. Depending on your scenario, you might need to use a different authentication method, such as user context or app-only context. Make sure to use the appropriate method for your application.
    2. Check the access token: If an access token was used to authenticate the API request, verify that the access token was correctly obtained and included in the request header. Make sure the token has the required permissions to access the search functionality.
    3. Verify application permissions: If you are using an application-only context, verify that your application has the required permissions to access the SharePoint Search API. This involves configuring the necessary permissions in the application manifest or in the application permission request page.
    4. Grant appropriate permissions: Make sure the user or application context has the appropriate permissions to perform the search operation. Check the user's permissions in SharePoint to make sure they have the access they need to perform the search.
    5. Validate API endpoints and parameters: Double-check the API endpoint URL and query parameters used in the request. Make sure the URL is correct and matches the target site and tenant. Review the query parameters and syntax to make sure they are well-formed. .
    6. Cross-tenant access issues

    Considering that none of the above five problems are correct in your description, please check the tenant's access policy.

    Cross-tenant access may be restricted by the target tenant's security policies and configurations. Therefore, before implementing cross-tenant access, it is recommended to communicate with the administrator of the target tenant to ensure that you comply with their requirements and restrictions

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best Regards

    Cheng Feng

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.