Share via

500 error when creating SharePoint site permission via Graph API

Denis 20 Reputation points
2025-04-28T13:48:46.8966667+00:00

When attempting to create a SharePoint site permission for the app registration via Graph API, I’m receiving a 500 error.

Using a different app ID works.

Request URL:

https://graph.microsoft.com/v1.0/sites/{sp_tenant}.sharepoint.com:/sites/CELibrary:/permissions Request body:

{
    "roles": [
        "read"
    ],
    "grantedToIdentities": [
        {
            "application": {
                "id": "{app_id}"
            }
        }
    ]
}

Response body:

{
    "error": {
        "code": "generalException",
        "message": "General exception while processing",
        "innerError": {
            "date": "2025-04-28T13:33:20",
            "request-id": "db228cab-65f5-4f4f-bdb7-642d3ba7256d",
            "client-request-id": "840eb231-2abb-6409-7075-fd6647672b43"
        }
    }
}

ann_developer.microsoft.com_en-us_graph_graph-explorer

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments
Answer accepted by question author
  1. Anonymous
    2025-04-30T08:52:03.5566667+00:00

    Hello @Denis, When tested I faced the similar issue when creating SharePoint site permission via Microsoft Graph API.

    I got the same error when I passed application ID of TestAppA:

    
POST https://graph.microsoft.com/v1.0/sites/domain.sharepoint.com:/sites/RukSite:/permissions

{

    "roles": [

        "read"

    ],

    "grantedToIdentities": [

        {

            "application": {

                "id": "AppID"

            }

        }

    ]

}

    enter image description here

    But when I passed application ID of TestAppB it worked:

    enter image description here

    Hence to resolve the issue, as a workaround, I modified the request body as mentioned in this Microsoft Document: Create permission - Microsoft Graph v1.0 | Microsoft by passing the displayName too in the request body.

    For the TestAppA, for which I was getting the error I passed displayName the request body as below:

    
POST https://graph.microsoft.com/v1.0/sites/domain.sharepoint.com:/sites/RukSite:/permissions

{

  "roles": ["read"],

  "grantedToIdentities": [{

    "application": {

      "id": "TestAppAAppID",

      "displayName": "Test"

    }

  }]

}

    enter image description here

    Hence to resolve the issue pass displayName in the request body for all the applications while creating SharePoint site permission via Microsoft Graph API.

    I tested the same for several applications and by passing the displayName in the request body and the API call is successful.

    Hope this helps!

    If this answers your query, do click Accept Answer and Yes for was this answer helpful, which may help members with similar questions.

    User's image

    If you have any other questions or are still experiencing issues, feel free to ask in the "comments" section, and I'd be happy to help.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.