Granting access using SharePoint App-Only

Zakaria Muhammad 161 Reputation points
2021-04-16T03:10:26.387+00:00

I have created Client ID and Secret using the following document. using postman I can get the Access token but when I run Get using Bearer <Token> as authorization, it through an error

{"error":"invalid_request","error_description":"Token type is not allowed."}

https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs

Any help in this will be appreciated.

get token

URL https://accounts.accesscontrol.windows.net/Tenant ID()/tokens/OAuth/2/
grant_type:client_credentials
client_id:<Client ID>@<Tenant ID>
client_secret: <Client Secret>
resource:00000003-0000-0ff1-ce00-000000000000/<tenant>.sharepoint.com@<tenant ID>

Permission XML

<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl" />
</AppPermissionRequests>

I also have created Azure AD App-Only for SharePoint using the document below but don't know how to use it via postman. if Postman works I can move this easily to OIC

https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread

SharePoint Server
SharePoint Server
A family of Microsoft on-premises document management and storage systems.
2,231 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,704 questions
SharePoint Server Development
SharePoint Server Development
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Development: The process of researching, productizing, and refining new or existing technologies.
1,576 questions
0 comments
Accepted answer
  1. MichaelHan-MSFT 18,016 Reputation points
    2021-04-16T06:07:30.647+00:00

    Hello, @Zakaria Muhammad ,

    Per my test, SharePoint App-Only access token works fine on my end. I used the same way as yours. Did you use the access token as the below:

    88524-image.png

    For Azure AD App-Only for SharePoint, you could get the access token like this: 

    Grant Type :         Authorization Code   
Callback Url :       this should be the AAD App redirect Url   
Auth URL :           https://login.microsoftonline.com/common/oauth2/authorize?resource=https%3A%2F%2F<tenant_name>.sharepoint.com    
Access Token URL :   https://login.microsoftonline.com/common/oauth2/token    
Client ID :          <client_ID>    
Client Secret :      <Client-secret>

    88489-image.png

    When you click Get Access Token, it would request you to sign in. After signing in, you would access it successfully.

    Reference: https://www.ludovicmedard.com/use-postman-and-azure-ad-to-send-rest-request-to-sharepoint-online/

    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest