Share via

Sharepoint Search API - No User or App Context found

Monika V 60 Reputation points
2023-09-08T05:43:19.15+00:00

Hi Team,

Currently we are exploring Search API and for Authentication, we are using a Bearer token.

The problem comes when I attempt to hit the search API:

https://[mydomain].sharepoint.com/sites/Test/_api/search/query?querytext='SharEPoint'

The API returns a "400 Bad Request" with this response:

User's image

I have attempted to modify the below permissions but still no luck.

https://[my domain].sharepoint.com/sites/Test/_layouts/15/appinv.aspx

User's image

User's image

This below article suggested we needed to have "FullControl" on the tenant, which we have done and its working fine now. I can able to get the result.

Is having "FullControl" at the tenant level the sole solution to address this problem?

https://learn.microsoft.com/en-us/archive/blogs/vesku/using-add-in-only-app-only-permissions-with-search-queries-in-sharepoint-online

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
10,300 questions
Accepted answer
  1. ChengFeng - MSFT 5,020 Reputation points Microsoft Vendor
    2023-09-08T07:09:53.9133333+00:00

    Hi @Monika V

    Please try :

    Copy
<AppPermissionRequests>
  <AppPermissionRequest Scope="http://sharepoint/search" Right="QueryAsUserIgnoreAppPrincipal" />
</AppPermissionRequests>

    This permission lets you query the search add-in based on the user's permissions. This means that search results will be returned based on the user's ACLs.User's

    User's image

    Here is a link for your reference:

    https://learn.microsoft.com/en-us/sharepoint/dev/general-development/search-add-ins-in-sharepoint

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    Best Regards

    Cheng Feng

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Monika V 60 Reputation points
    2023-09-08T07:48:16.01+00:00

    Hi Cheng,

    Thanks for your response.

    Currently, we are using client ID and client secret to connect SharePoint online from the Node.js application. So, we tried to grant the below permission by following steps.

    Step 1:

    https://[mydomain]-admin.sharepoint.com/_layouts/15/appinv.aspx

     

    We will see the below screen.

    User's image

    Step 2:

    On the "AppInv.aspx" page, We enter the Client ID and Select Lookup.

     

     

    Step 3: Configure Permission

    Under Permission Request XML, we specify the below xml configuration for the permission.

    <AppPermissionRequests>

    <AppPermissionRequest Scope=http://sharepoint/search Right="QueryAsUserIgnoreAppPrincipal" />

    </AppPermissionRequests>

     

    Step 4:

    After entering the Client ID and XML configuration, click the "Create” button. Next, Clicked the “Trust It” button to grant the specified elevated permissions.

    But this is not working for us.. Only after giving below XML then only its working. 

    <AppPermissionRequests AllowAppOnlyPolicy="true">
  <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
</AppPermissionRequests>
  2. Monika V 60 Reputation points
    2023-09-08T12:39:22.4133333+00:00

    Hi Team,

    Waiting for your response.

    0 comments