0

In short - the issue appears to be that I can access a folder or file's anonymous link - but only after it's been created. When I say created - I mean clicking the 'copy link' button as show in the screen. (Also works fine if a Flow creates it)

Creating Anonymous link

If that's been done, then using the REST API to get the anonymous link works fine:

Header

Request header

Body

Request response

Response

Request body

If I try and 'create' a link for a new file though;

Bad response

Bad response

So where are my permissions failing me? You may have noticed that I don't pass the X-RequestDigest. That's because it doesn't seem to do anything. Without it I can upload and do whatever I need - with it, I gain no new permissions.

The app that I'm using to authenticate against has what I think is full control over the SharePoint site. As seen in this page's example:

Xml example

Is there anything I'm missing? Why wouldn't I be able to create an anonymous link through the API but I can access it if someone else has already created it?

Thanks for your time.

Improve this question

2 Answers 2

Reset to default
0

I had the same issue.

Started working for me when I updated app permissions to

<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" /> <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl" /> <AppPermissionRequest Scope="http://sharepoint/social/tenant" Right="Read" /> <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" /> </AppPermissionRequests>
Improve this answer
1
  • This is someting I checked - I have a feeling some of my permissions went arwy. I ended up re-making the app and used it. Will accept this as the answer - because I'm fairly sure this is where my issue lied... Commented Dec 16, 2020 at 12:08
0

Only

"< AppPermissionRequests AllowAppOnlyPolicy="true" > < AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl" /> </AppPermissionRequests >"

is needed. No need for tenant level permissions

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.