We're creating token for a specific client's tenancy, and we want to be able to access all SharePoint documents for all the sites in the tenancy. Is there a way to access those using a generic SharePoint API and one access token?
There are two files store:
- one in a personal OneDrivce folder in the tenancy
- one in a SharePoint site folder, e.g. for a Yammer group
The url to the file in a personal OneDrivce folder starts with '<tenant-name>-my.', whereas the SharePoint site document url doesn't contain the '-my' suffix:
- file in a personal OneDrivce folder:
- SharePoint site document:
- We have been trying to create an access token with a
https://microsoft.sharepoint-df.com/AllSites.Read scope, but it ends with incorrect audience issue. We hoped that since those are SharePoint documents in the same tenancy, we would be able to access them.
- We have used two different access tokens with different scopes. We explicitly added
https://<tenant-name>-my.sharepoint.com/... to the first scope, and the
https://<tenant-name>.sharepoint.com to the second scope, to be able to download those files using
GetFileById. This works, however we would prefer to use a single generic scope without providing every url and needed a separate tokens.
Additionally, we have tried using the Microsoft Graph API, but it seems we don't have enough details to use it, e.g. we don't know the drive and item ids and the file path.
Is there a way to access all SharePoint documents within a tenancy using a generic API with details from file's urls? The details we have are: <tenant-name>, <site-id>, sourcedoc, file name?