Hi Experts,
I've registered an app in Azure with the following API permission via Microsoft Graph: Sites.Read.All and have admin consent.
The following code is returning this error (note hidden client ID, client secret, tenant ID and site url - these are all confirmed correct).
import requests
from msal import ConfidentialClientApplication
client_id = 'XXX'
client_secret = 'XXX'
tenant_id = 'XXX'
site_url = 'XXX'
def get_access_token():
authority = f"https://login.microsoftonline.com/{tenant_id}"
app = ConfidentialClientApplication(client_id, authority=authority, client_credential=client_secret)
result = app.acquire_token_for_client(scopes=["https://graph.microsoft.com/.default"])
if "access_token" in result:
return result['access_token']
else:
print("Error acquiring token:")
print(result)
return None
def get_sharepoint_data(query):
access_token = get_access_token()
if not access_token:
return {"error": "Failed to acquire access token"}
headers = {
'Authorization': f'Bearer {access_token}',
'Accept': 'application/json'
}
url = f"https://graph.microsoft.com/v1.0/sites/{site_url}/search/query?querytext='{query}'"
response = requests.get(url, headers=headers)
return response.json()
query = "Your search query here"
response = get_sharepoint_data(query)
print(response)
'error': 'code': 'AccessDenied', 'message': 'Either scp or roles claim need to be present in the token.'