UnauthorizedAccessException Error When Listing SharePoint Sites Using App-Only Access

Hardik Purohit 0 Reputation points
2024-08-22T09:24:43.7466667+00:00

Hello SharePoint Support Team,

I am encountering an issue while attempting to list all sites available on SharePoint using App-based access. Here are the details:

  • App Registration: I have registered my app on SharePoint and am using the app-only access method.
  • API Endpoint Used: {Tenant_URL}/_api/web/webs
  • Access Token: I am passing the access token in the headers as part of the request.

Problem:

When I make the API request, I receive the following error response:

{
    "error": {
        "code": "-2147024891, System.UnauthorizedAccessException",
        "message": {
            "lang": "en-US",
            "value": "Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))"
        }
    }
}

It appears that the app is not authorized to access the required resources, but I am unsure why this is happening. Could you please help me understand what permissions or configurations might be missing or incorrect?

Thank you for your assistance.

SharePoint Development
SharePoint Development
SharePoint: A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.Development: The process of researching, productizing, and refining new or existing technologies.
2,926 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Ling Zhou_MSFT 16,665 Reputation points Microsoft Vendor
    2024-08-23T06:04:47.1166667+00:00

    Hi @Hardik Purohit,

    Thank you for posting in this community.

    Are you using this? Granting access using SharePoint App-Only.

    If so, the ACS app-only access token is no longer supported in the new SharePoint Online tenant.

    User's image But we can change the behavior by running 'set-spotenant -DisableCustomAppAuthentication $false' (needs the latest SharePoint admin PowerShell).

    If you're not using SharePoint Online, you'll need to check that your permission XML has been granted enough permissions.

    For more information about scopes and permissions in the AppPermissionRequests XML, see the following articles:

    Types of add-in permissions and permission scopes

    Differences between add-in permission rights and user rights


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.