Is it possible to copy a shared folder to my own profile in OneDrive Business via Microsoft Graph API?
Both accounts are OneDrive Business Accounts. Account A shares a folder to Account B. Account B is logged in and can see all shared items from Account A. So Far so good.
How can I copy this shared folder to the profile of Account B?
When I try this POST I get a 401 - The caller is not authenticated.
POST https://graph.microsoft.com/v1.0/drives/<remoteItem.driveId>/items/<id>/copy
Content-Type: application/json
Authorization: Bearer xyz...
{
"parentReference": {
"path": "/drive/root:/Documents"
}
}
The scope I use is:
mail.read
user.read
files.read
files.read.all
sites.read.all
files.readwrite
Any suggestions?
The copy API in OneDrive for Business and SharePoint is currently limited to copying files within the same "site". For OneDrive for Business each user is represented by a separate site, which means copying files between OneDrive's isn't supported.
We're working on adding the ability to copy files between sites and hope to have an update to the API available soon.
Related
I wanna answer my application's reviews with service account. But regarding to api documantation of google play console, for answering review's, i need to have my auth'key. :
GET https://www.googleapis.com/androidpublisher/v3/applications/your_package_name/reviews?
access_token=your_auth_token
But in my json file that i got from "create key" on my service account page, i have nothing like: "auth token". What should i do?
Note: I also have 1 more small question: I wanna list all of my applications for google play. I found some non-offical api's that can retrieve all app's for spesific developer. But for that i need to have people's developer name that i cannot retrieve from any api.
But in my json file that i got from "create key" on my service account page, i have nothing like: "auth token". What should i do?
Your auth token is not in the key file you downloaded it contains what you need to request an access token.
Assuming that you have created service account credentials on Google cloud console. What you have in that file is the credentials you need to create an access token.
Your application calls Google APIs on behalf of the service account, so users aren't directly involved. This scenario is sometimes called "two-legged OAuth," or "2LO." (The related term "three-legged OAuth" refers to scenarios in which your application calls Google APIs on behalf of end users, and in which user consent is sometimes required.)
Requesting an access token using a service account requires a number of steps Preparing to make an authorized API call I recommend you look for a client library in your chosen language coding it yourself is not for the feint at heart.
I wanna list all of my applications for google play.
In order to do that you will need to grant the service account access to your accounts data probably by sharing the data with it. Or you will need to use Oauth2 to authorize your application then you will have access to it.
I am working on file uploader to One Drive for Business account.
My application should have the least privileged access as possible duo security reasons.
I can authenticate and generate correct tokens, but I cannot create App Folder when I have only that access: Files.ReadWrite.AppFolder. I got below response:
{"error":{"code":"accessDenied","message":"The caller does not have permission to perform the action."}}
When I extended my privileges to Files.ReadWrite.All the same request succeeded.
Request: GET https://{tenant}-my.sharepoint.com/_api/v2.0/me/drive/special/approot/
I known correctly tenant, I just haven't provided it in that post.
Does One Drive for Business work with App Folder privileges? I am not sure according to below document:
https://learn.microsoft.com/en-us/onedrive/developer/rest-api/api/drive_get_specialfolder
Unfortunately the Files.ReadWrite.AppFolder does not work for OneDrive Business (see this documentation). It's something we definitely want to fix.
I'm building a Windows service that connects to OneDrive for Business via the Graph API using this method:
https://graph.microsoft.io/en-us/docs/authorization/app_only
I've successfully authenticated my application and have a token for making calls to Graph API. I have given my Azure AD application permissions to both Windows Azure Active Directory and Microsoft Graph (all application and delegated permissions have been selected for both).
My goal is to get the contents of a folder that resides in a specific user's OneDrive. I need to make the following Graph API call:
//graph.microsoft.com/v1.0/users('user-guid')/drive/items/long-item-id-here/children
I can execute this request successfully using Microsoft Graph Explorer (logged in with my Office 365 credentials). When I try to make the same call as an application (using the auth token received above), I get an "itemNotFound" code with the message "The resource could not be found." (request-id:
5e814dce-c4c2-4615-90e6-ea8ab90cbc49). However, I am able to query the root and the "folder.childCount" property shows the correct number of children in the root:
//graph.microsoft.com/v1.0/users('user-guid')/drive/root
I've set the folder's sharing to "All Authenticated Users" and I still receive "The resource could not be found" from the API call.
Any ideas on what I'm missing here?
The marked answer is no longer the case. You can now access OneDrive and SharePoint resources using a Client Credentials grant (aka "App Only").
The applicable scopes are Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All
The application is using App-only authorization which is currently not supported for accessing OneDrive for Business through Microsoft Graph API. Please use delegated flow, which is used by Graph Explorer.
We currently have a web service which is accessing the EWS API's for Mail, Calendar, and Contacts. For those, we used the "App-Only"/Client Credential flow to have an app-to-app auth.
Now we'd like to extend our web service to access the SharePoint/OneDrive API's. It looks like the preferred way to access these API's is by making a request to the Discovery service, however it seems that the Discovery service doesn't work with App-Only auth (see: Access Office 365 Discover Service with "app-only" token)
Another approach we've tried is to simply hard-code the SharePoint endpoint URL's.
* Connection #0 to host devunit1-my.sharepoint.com left intact
{
"#odata.context": "https://devunit1-my.sharepoint.com/_api/v2.0/$metadata#me",
"#odata.type": "#microsoft.coreServices.currentUserRequestContext",
"#odata.id": "https://devunit1-my.sharepoint.com/_api/v2.0/me",
"#odata.editLink": "me",
"id": null
}
We can hit the server, but trying to access /files gives us an error:
{
"error": {
"code": "-1, Microsoft.Office.Server.UserProfiles.UserNotFoundException",
"message": "User 'i:0i.t|00000003-0000-0ff1-ce00-000000000000|app#sharepoint' doesn't exist in UPA by UPN or SID, and user with this SID was not found in AD."
}
}
The third way we've tried is by using the Office365 Unified API using /users/<OMITTED User.objectId>/drive which fails giving:
{"odata.error"=>{"code"=>"Request_ResourceNotFound", "message"=>{"lang"=>"en", "value"=>"Resource 'drive' does not exist or one of its queried reference-property objects are not present."}}}
Is there something that we're doing wrong? Is it possible to access SharePoint/OneDrive data (either through the Files API or some other API) with App-Only credentials? If not, is there some work around we can use or do we have to create an entirely separate auth flow just to use the Discovery service?
When working with SharePoint Designer Workflow on SharePoint Online (Office 365) and trying to access to User Profile Service (UPS) make sure you follow the instructions on the following post by providing the Workflow App the necessary permission to the UPS, but make sure you don't run the REST call in an App Step, this caused me a lot of Troubleshooting time as I was getting the error mentioned above "...app#sharepoint doesn't exist in UPA by UPN or SID, and user with this SID was not found in AD."
http://sharepoint-community.net/profiles/blogs/retrieving-user-profile-properties-in-a-sharepoint-2013-workflow
I hope it helps you too. Have fun.
My question seems similar to OneDrive for Business REST API - PUT,POST - 401 Unauthorized
However, instead of uploading, I am trying to download a file. What's strange is that I do get the file contents and data, but the response code is a 401.
Any idea why? Of course, I would like to be receiving a 200 and not have to ignore the response code.
As far as my Azure AD app permissions go, I am allowing pretty much all read permissions under delegated permissions for Office 365. I have listed all the permissions I selected here, for your reference.
Delegated Permissions I am allowing for Office 365:
Read managed metadata
Run search queries as a user
Read items in all site collections
Read user files
Delegated Permissions I am allowing for Windows Azure Active Directory:
Enable sign-on and read users' profiles
I have not enabled anything under Application Permissions.
There is a bug in our implementation - if you provide an Authorization: header with a bearer token on the download URL (which is pre-authenticate) the service rejects the authentication (hence the 401) but since the URL is pre-authenticated, the contents of the file are still sent.
We're working on a fix. You can track the status by watching this issue on our GitHub repo: https://github.com/OneDrive/onedrive-api-docs/issues/189