OneDrive API Resumable item (large) upload returns InvalidAuthenticationToken

Question

I am using Microsoft business account assigned by admin with admin permission to register application in Azure. This app is configured with permissions of "Files.ReadWrite Files.ReadWrite.All Sites.ReadWrite.All;".

1. My client code uses ROPC signin flow and successfully signed in with the above same permission as scope in signin request, and got access_token back.
2. Then I requests an upload session using this access_token in request header, and successfully got 200 response with uploadUrl.
3. Then I use this url to submit PUT request (NO access_token in header) to upload chunk of file, I got 401 response {"error":{"code":"InvalidAuthenticationToken","message":"Access token is empty."}

I researched some posts with similar situations, but still cannot figure it out.

1. access_token is applied from https://graph.microsoft.com, while returned uploadUrl is https://{tenant}-my.sharepoint.com/personal/{account_email}/... Not sure if this is cause.
2. Returned uploadUrl length is around 1400-1600, more < 2000. So should not be URL length problem.
3. App was registered as "Accounts in any organizational directory (Any Azure AD directory - Multitenant)". Assigned permissions are type of delegated.

Please help.

Answer 1

This may be caused by a missing token in your uploadUrl. This is my test process:

First I create uploadUrl in Graph Explorer, in fact, you can see that tempauth is your token.

Next, I copy uploadUrl to postman and upload the file. Also don't forget to add Content-Length and Content-Range to the request header.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.