I added a SharePoint 2013 add-in to a site. The app requires that it be trusted. But each time I click "Trust it", I get "An error occurred processing your request".
Please how do I resolve this?
I just realised I was signed in with an account the was "System". I signed in with a non system account(account was also site collection administrator), and that seemed to resolve the issue. Dont seem to know why the system account has the issues.
Related
We have a multitenant application that heavily relies on the Graph API. We access both mailboxes through Messages API and Sharepoint sites through Files API. Most clients use a very permissive access model to get more features available in our application. A few has strict demands on access and for those we are only allowed to access a specific sharepoint site. For this site we've registered another AppId to use Sites.Select permission where the clients Global Admin allow access to our application using PowerShell
This has worked fine until this morning, where all requests to the Files API are returning "403 Forbidden" and the C# SDK is returning "Access denied".
I've requested the clients to execute PowerShell command to verify if we still has access to their Sharepoint site:
Get-PnPAzureADAppSitePermission -AppId 'xxxxxxxxxxxx'
but they all get the same error message:
Get-PnPAzureADAppSitePermission: Operation Failed
The Pnp.PowerShell cmdlet used is 1.10
Anyone know why this happened to MS Graph or if the PS error is related to the Graph error?
Did Microsoft change something?
This has been acknowledged by MS as an unexpected service issue and can be tracked as SP381039
Title: Users may see 'Access Denied' errors when using Graph APIs for SharePoint Online
User Impact: Users may see 'Access Denied' errors when using Graph APIs for SharePoint Online.
Current status: We've identified that components of the authentication feature are unexpectedly not present in some users' environments thus resulting in the Graph API access requests to fail. We're redeploying the affected feature within impacted environments to remediate impact. In parallel, we're investigating recent feature changes to identity why the components are unexpectedly not present.
Next update by: Tuesday, May 17, 2022, at 5:00 PM UTC
Latest update from MS, received 17 May 16:45:
Current status: We've confirmed that a recent feature deployment misconfiguration has prevented components associated with the authentication feature from being available in a group of customer environments, which is producing 'Access Denied' errors when using Graph APIs for SharePoint Online. We've confirmed that our redeployment of the authentication feature to some impacted environments has resolved the impact. We're now redeploying the feature to all affected remaining environments, which is expected to remediate impact.
Scope of impact: This issue may potentially affect any of your users attempting to utilize Graph APIs for SharePoint Online.
Root cause: A recent feature deployment misconfiguration has prevented an authentication feature from being available in a group of customer environments, resulting in impact.
Next update by: Tuesday, May 17, 2022, at 9:30 PM UTC
Exactly the same issue Tuesday AM New Zealand time. Using C# code / Postman and PowerShell directly.
I've logged a ticket with Microsoft as my guess (no evenidence) is it is a code regression on PNP. I'll update here if I hear anything.
We have 2 apps (test and prod), both began failing Tuesday morning with 403 / access denied messages.
When I tried to check permissions and reset permissions using
get-PnPAzureADAppSitePermission
or
grant-PnPAzureADAppSitePermission
Powershell says : "Operation not supported"
Full text
Grant-PnPAzureADAppSitePermission : {"error":{"code":"notSupported","message":"Operation not supported","innerError":{"
date":"2022-05-16T23:39:16","request-id":"xxxx-azureappid-yyyy","client-request-id":"xxxx-azureappid-yyyy"}}}
At line:8 char:1
Grant-PnPAzureADAppSitePermission -AppId $appId -DisplayName 'TenantName...
+ CategoryInfo : NotSpecified: (:) [Grant-PnPAzureADAppSitePermission], HttpRequestException
+ FullyQualifiedErrorId : System.Net.Http.HttpRequestException,PnP.PowerShell.Commands.Apps.GrantPnPAzureADAppSite
Permission
This morning when I tested this, everything is back to the way it was on Friday New Zealand time.
I've heard from Microsoft via the ticket I logged, that the "PG team had reinstated an update from the backend". It didn't work last night, but this morning we're back up and running.
I hope your tenancies come back too. If not log a Microsoft ticket if you can. I do this via the https://admin.microsoft.com/Adminportal/Home?source=applauncher#/support/requests page using the "New service request" menu item. We have this feature due to our contract with Microsoft.
We are trying to connect an internal application to Sharepoint 365. The goal is to read data from Sharepoint 365 lists and Excel documents. We want to take advantage of the fact we already use OAuthentication and basically our users login with their own Windows credentials. Now, to accomplish that we first need to register an application with Sharepoint which we did using this link:
https://mycompany.sharepoint.com/sites/MySite/_layouts/15/appregnew.aspx
After that we also need to get an authorization code for clients to login with their Windows account. We do that with this URL:
https://mycompany.sharepoint.com/sites/MySite/_layouts/15/OAuthAuthorize.aspx?client_id=14f0e39c-1234-42ea-bed5-ee5c7c834655&scope=List.Read&response_type=code&redirect_uri=https%3A%2F%2Fmysite.mycompany.com%3A9090%2Foauth%2F2.0%2FredirectURL.jsp
When we run that last link we get the error below:
Sorry, something went wrong
There is no claims identity. Please make sure the web application is configured to use Claims Authentication.
TECHNICAL DETAILS
Troubleshoot issues with Microsoft SharePoint Foundation.
Correlation ID: 367ee69f-5066-0000-e1ef-cee55f7b7000
As you can see, the error is not very helpful. I have done already lots of research and answers vary from lack of higher level of access, to invalid URL request. I have elevated access and the URL is well constructed. Yet the error persist.
So, my question, what is the meaning of the error? Why is not executing?
We logged a Microsoft Premier Support ticket and behold! the problem has been fixed.
I'm trying to use the Sharepoint -> Get File Content action in Power Automate, but I'm getting a 403 error - Access Denied. I am using the same login for SPO and Power Automate. I have (for now) hard-coded a file to fetch - I can definitely browse to it, but for some reason I get the error in Power Automate. Is there another permission that I need to be granted to access the same file via Power Automate that I might be missing?
I have tried Get File Content with several different files, and they all give the same result. In each case, I can manually browse to the site/library/folder where the file is and download it, using the same login.
Have you made some changes on the sharepoint permissions?
Have you recreate a new connection to sharepoint in flow connections?
In many cases, an error code of 403 appears in a flow fail because of an authentication error. If you have this type of error, you can usually fix an authentication error by updating the connection,please make sure you have update the connection.
You could refer to link below
https://learn.microsoft.com/en-us/flow/fix-flow-failures
If you have updated the connection and the issue still exists,I afraid that there is some permissions setted in the sharepoint forbid you to access the sharepoint.
Please take a try to contact with the sharepoint administrator to see if you have been access denied in sharepoint.
I am facing issue in implementing Federated Search between SharePoint 2013 Azure and SharePoint online.
SharePoint 2013 Azure uses ADFS for authentication. Azure active directory and on-premise active directories are not in sync though.
I have followed all the steps that have been mentioned in following two links –
https://technet.microsoft.com/EN-US/library/dn607307.aspx
https://technet.microsoft.com/en-us/library/dn197169.aspx
However when I am trying to test the Federated result source, I are getting following error –
Web error: System.Net.WebException: The remote server returned an error: (401) Unauthorized.
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.SharePoint.Client.SPWebRequestExecutor.Execute()
at Microsoft.SharePoint.Client.ClientContext
I am not sure if we are missing something which is implied or not mentioned in the technet links.
Grateful if someone can help in resolving this issue.
Finally after a month of effort and taking help of Microsoft support, we have resolved the issue. The problem was the value of variable $spcn.
In the article, it was not very clear to which domain it has to be set.
$spcn - The root domain name of your public domain. This value should not be in the form of a URL; it should be the domain name only, with no protocol.
An example is adventureworks.com.
We were initially setting it to domain of SharePoint Online. Finally after lot of hit and trial, we found that we have to add domain of both SharePoint Online and SharePoint 2013. It worked after that.
I am facing a weird authentication issue for an intranet sharepoint 2010 site.
When a user from site owner group tries to access the site by this URL,
http://machine name:1111/ a windows credential pops up, even if user provides correct login details, he is not able to log in. But when user tries to access this URL, http://machine name:1111/SitePages/Home.aspx he is able to login successfully.
The site uses classic authentication mode.
Please let me know, what could be the reason for such strange behaviour.
Regards
Naimish
Got it resolved now.
The physical directory should have 'Read' rights for Everyone. In my case, the folder 1111 has this rights removed. I have given the said rights and its working fine now.
Regards