Problem with Graph API (access SharePoint data) for an external user with o365 guest login (Personal a/c)

tatha mahata 1 Reputation point
2022-03-09T03:09:01.99+00:00

I am trying a graph API endpoint for an external user (has Microsoft personal account in o365 and invited as guest user from Azure AD. Same external user has given access (Share) for a specific SharePoint site and can login to SharePoint directly to view/access files/folders. I am trying the following endpoint from Postman, via Authorized user credential, I get the access token after being prompted for Microsoft Online login (Email and Password), and I pass the same token to the graph API POST request. https://graph.microsoft.com/v1.0/sites/myCompanyName.sharepoint.com/drives/{drive-id}/root/children

I get response as unauthorized from graph endpoint. But then I open the SharePoint site and login as the external user on a separate Chrome incognito window. First, it doesn't ask my credential (that I just provided for the Postman request). And now I go back to postman and click send button, now I get all the data as expected.

I am working a a prototype using MVC ASP.NET C# (not Core) to test if Graph API/SDK can be used in our project. This is a strange issue and I have the same experience while running the .NET application. From my .NET MVC app, I can get On Behalf Of token for the external user, and pass it to Graph API/SDK, it fails. But when I open the SharePoint site for the same site and same user, and make a retry attempt on the .NET app, everything works as expected.

Note: While executing the same code (.NET) as internal user, I never get into any issues. It points to the configuration of external user (Microsoft online account - personal) in Azure AD or SharePoint. But I verified all access, permissions and everything seems ok. Microsoft support mentioned an error code SiteExtranetUsersDisabled which stops me from accessing (and possibly when I login to the SharePoint site, it recognizes me via SSO and allows my access till the access token expires! Anyone had the same/similar issues?

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,858 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,875 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. RaytheonXie_MSFT 32,241 Reputation points Microsoft Vendor
    2022-03-09T08:26:09.767+00:00

    Hi @tatha mahata
    You need to refer to following steps to access sharepoint with graph api in postman.
    https://learn.microsoft.com/en-us/graph/use-postman


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.