403 Forbidden while uploading encrypted file to onedrive

Gillor Geva 6 Reputation points
2022-05-11T10:41:26.37+00:00

I have a file on OneDrive that is labeled and encrypted with Microsoft Information Protection SDK.
I'm trying to replace this encrypted file with another one (encrypted or non-encrypted) and getting 403 Forbidden.
this is the API I'm using:
PUT /users/{user-id}/drive/items/{item-id}/content

Note that when replacing a non-encrypted file the api works perfectly fine.

I tried inspecting the token on jwt.ms and these are the permissions I have:
"Sites.Selected",
"Mail.ReadWrite",
"User.ReadWrite.All",
"Domain.ReadWrite.All",
"Calendars.Read",
"People.Read.All",
"Directory.ReadWrite.All",
"Sites.Read.All",
"Sites.ReadWrite.All",
"Sites.Manage.All",
"Files.ReadWrite.All",
"Directory.Read.All",
"User.Read.All",
"InformationProtectionContent.Write.All",
"Files.Read.All",
"Mail.Read",
"Directory.Write.Restricted",
"Calendars.ReadWrite",
"InformationProtectionPolicy.Read.All",
"Contacts.Read",
"InformationProtectionContent.Sign.All",
"Sites.FullControl.All"

can't figure why I'm getting the 403 and what permissions do I need to add, tried many but nothing changed.

Thanks

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,592 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Zehui Yao_MSFT 5,831 Reputation points
    2022-05-13T10:18:49.23+00:00

    Hello @Gillor Geva , I think the main reason for the 403 error is that the file is protected. I suggest trying to use a higher-level administrator account to access or contact the protection of the file. Hope this helps you.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.