0

I have issue with Adding List Item But I can Read List Item without any issue. I will narrate full step how I did. I want to use REST API outside SharePoint Online.

  1. I register App by going to https://xxxx.sharepoint.com/_layouts/15/appregnew.aspx on SharePoint Online.

  2. When I register I mention my client id, client secret, app domain and redirect uri

  3. Once I did I find my site realm by navigating to https://xxxx.sharepoint.com/_vti_bin/client.svc

  4. Now I navigate to https://xxxx.sharepoint.com/_layouts/15/OAuthAuthorize.aspx?client_id=my_client_id&scope=app_permissions_list&response_type=code&redirect_uri=redirect_uri I pass client id and redirect uri which I mention when I register App and mention scope as List.Read List.Write, So I got code which expire after 5 minutes

  5. From that code I navigate to https://accounts.accesscontrol.windows.net/site_realm/tokens/OAuth/2 where I pass in body grant_type = authorization_code client_id = client id @ site_realm client_secrete = client secrete redirect_uri = redirect url resource = audience principal ID/ my sharepoint domain @ site_realm

  6. And I got access token and refresh token. Where access token remain for 12 hours and after that you can do point 6 with refresh_token

After that I run below code to get Custom List items

$.ajax({
        url: "https://xxxx.sharepoint.com/_api/lists/getbytitle('Feedback')/items?$select=Title,URL",
        method: 'GET',
        headers: {
          "Accept": "application/json; odata=verbose",
          "Authorization": "Bearer " + accessToken,
        }
      })

This works without issue, but when I try to add list item I get error Access denied. You do not have permission to perform this action or access this resource

$.ajax({
        url: "https://xxxx.sharepoint.com/_api/lists/getbytitle('Feedback')/items",
        method: "POST",
        contentType: "application/json;odata=verbose",
        data: JSON.stringify(data),
        headers: {
          "Authorization": "Bearer " + accessToken,
          "Accept": "application/json; odata=verbose",
          "Content-Type": "application/json",
        },
        success: function (data) {
          alert('Item added successfully');
        },
        error: function (error) {
          alert("Error: " + JSON.stringify(error));
        }
      })

Please help to resolve the issue of access denied and let me know what I am missing

Improve this question
7
  • Please help appriciated Commented Aug 7, 2018 at 18:39
  • You can see in my answer below that it is not enough to register an app only by going to xxxx.sharepoint.com/_layouts/15/appregnew.aspx. Commented Aug 8, 2018 at 7:27
  • I tried your first link Granting access using SharePoint App-Only but my REST API still give access denied Commented Aug 8, 2018 at 7:31
  • what kind of permissions did you give? Commented Aug 8, 2018 at 7:32
  • Also, how does the data payload look like? Do follow the exact format stated on Microsoft docs? docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/… because I can see that you are missing two headers, x-RequestDigest and content-length Commented Aug 8, 2018 at 7:37

1 Answer 1

Reset to default
1

Have you given the newly registered app the correct permissions on "/_layouts/15/appinv.aspx" be careful when setting the permissions, so that you dont enable to high permissions. Granting access using SharePoint App-Only

Just an heads up, you can also register your app using the Azure AD. Here you have a more direct way of assigning permissions to the app/add-in. But keep in mind that all the permissions here is granted tenant wide. Granting access via Azure AD App-Only

Please read more about add-in permissions on Microsofts docs regarding this topic. Add-in permissions in SharePoint

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.