Microsoft Graph API: 'Tenant does not have a SPO license' Error when Accessing SharePoint Site with valid business o365 account

dude95 0 Reputation points

I am attempting to access a SharePoint site using the Microsoft Graph API from a Python script. Despite having granted the necessary permissions in Azure AD and assigning licenses, I keep encountering the following error:

Failed to get site ID. Status code: 400

    'error': {
        'code': 'BadRequest',
        'message': 'Tenant does not have a SPO license.',
        'innerError': {
            'date': '2024-05-22T12:52:33',
            'request-id': 'cd207c1f-5bbc-435d-b6e3-94170d9e6aff',
            'client-request-id': 'cd207c1f-5bbc-435d-b6e3-94170d9e6aff'

Azure AD App Registration:

  • Created an app registration and granted Sites.ReadWrite.All and Files.ReadWrite.All permissions.
  • Admin consent has been granted for these permissions.

SharePoint Permissions:

  • Added the app with the following permission request XML at https://*
    <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" />


  • Verified that the tenant has SharePoint Online licenses available.
  • Assigned SharePoint Online licenses to the users.

Python Script:

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,034 questions
SharePoint Development
SharePoint Development
SharePoint: A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.Development: The process of researching, productizing, and refining new or existing technologies.
2,755 questions
Microsoft Entra Private Access
Microsoft Entra Private Access
Microsoft Entra Private Access provides secure and deep identity-aware, Zero Trust network access to all private apps and resources.
51 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. RaytheonXie_MSFT 32,476 Reputation points Microsoft Vendor

    Hi @dude95,

    According to the documentation. The /tenant id or / endpoint only allows users with work/school accounts of a specific Azure AD tenant to log in to the application. It does not support personal accounts. Ensure you’re using a work or school account, not a personal Microsoft account.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.