RoleAssignments via the rest api returns unauthoried on SharePoint On-line

Zdeněk Fridrichovský 1 Reputation point
2020-09-18T07:43:02.723+00:00

Hi,
I am using REST API to get roles on SharePoint. I am using "_api/Web/RoleAssignments". Problem is that it returns error message "Unauthorized". I tried add tenant permission to APP as described in this link https://sharepoint.stackexchange.com/questions/199261/what-permissions-do-i-need-to-get-roleassignments-via-the-rest-api.

But it doesn't help.

Can you help me? What I have to do?

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
6,074 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Jerryzy 10,301 Reputation points
    2020-09-21T07:06:12.5+00:00

    Hi @Zdeněk Fridrichovský ,

    If you are using SharePoint Hosted App to get the RoleAssignments in host web, please write code in App.Js like this:

    'use strict';  
      
    var hostweburl;  
    var appweburl;     
      
      
        // This code runs when the DOM is ready and creates a context object which is needed to use the SharePoint object model  
        $(document).ready(function () {  
            hostweburl = decodeURIComponent(getQueryStringParameter("SPHostUrl"));  
            appweburl = decodeURIComponent(getQueryStringParameter("SPAppWebUrl"));    
            var scriptbase = hostweburl + "/_layouts/15/";  
            $.getScript(scriptbase + "SP.RequestExecutor.js", getRoleAssignments);  
                 
        });  
      
      
      
    function getRoleAssignments() {  
        var executor = new SP.RequestExecutor(appweburl);  
        var FullURL = appweburl + "/_api/SP.AppContextSite(@target)/web/roleassignments?@target='" + hostweburl + "'";  
      
        executor.executeAsync(  
            {  
                url: FullURL,  
                method: "GET",  
      
                headers: {  
                    "accept": "application/json;odata=verbose",  
                    "content-type": "application/json;odata=verbose",  
                    "X-RequestDigest": $("#__REQUESTDIGEST").val()  
                },  
                success: onDataReturned,  
                error: errorHandler  
            }  
        );   
    }  
      
    function errorHandler(data, errorCode, errorMessage) {  
        console.log("Could not complete cross-domain call: " + errorMessage);  
    }  
      
    function onDataReturned(data) {  
        console.log(data.body);  
      
    }  
      
    function getQueryStringParameter(paramToRetrieve) {  
        var params =  
            document.URL.split("?")[1].split("&");  
        var strParams = "";  
        for (var i = 0; i < params.length; i = i + 1) {  
            var singleParam = params[i].split("=");  
            if (singleParam[0] == paramToRetrieve)  
                return singleParam[1];  
        }  
    }  
    

    In AppManifest.xml:

    <AppPermissionRequests>  
        <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl" />  
        <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" />  
        <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />  
      </AppPermissionRequests>  
    

    Here is the response in Developer Tool:

    25966-snipaste-2020-09-21-15-01-10.png


    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    No comments