You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Executing the same query with a guest user results in http 403 with this response body:
"error": {
"code": "Forbidden",
"message": "The service is not authorized for provided user credentials",
"target": "",
"httpCode": 403
}
We tested with Sites.Read.All, Sites.ReadWrite.All and Sites.FullControl.All - always the same 403.
External sharing is enabled for anyone in the sites collections with used for testing.
We found this closed issue which ends without a solution: #1039
Expected or Desired Behavior
We expect that guest users can use the Graph Search API
Observed Behavior
Guest users receive http 403 forbissen, when they use the Graph Search API
{
"error": {
"code": "Forbidden",
"message": "The service is not authorized for provided user credentials",
"target": "",
"httpCode": 403
},
"Instrumentation": {
"TraceId": "fc9aa73d-57a9-d86c-6007-abdf6535959f"
}
}
utc time 13:06
Steps to Reproduce
We can reproduce this with Graph Explorer.
To login with a guest account make sure to add the target tenant as a query param in the Graph Explorer URL, like so:
We cannot use the Graph search API in SharePoint sites when logged on with a guest account.
[x] bug
Using the Graph Search API (https://graph.microsoft.com/v1.0/search/query) with internal users works as expected.
Executing the same query with a guest user results in http 403 with this response body:
"error": {
"code": "Forbidden",
"message": "The service is not authorized for provided user credentials",
"target": "",
"httpCode": 403
}
We tested with Sites.Read.All, Sites.ReadWrite.All and Sites.FullControl.All - always the same 403.
External sharing is enabled for anyone in the sites collections with used for testing.
We found this closed issue which ends without a solution: #1039
Expected or Desired Behavior
We expect that guest users can use the Graph Search API
Observed Behavior
Guest users receive http 403 forbissen, when they use the Graph Search API
{
"error": {
"code": "Forbidden",
"message": "The service is not authorized for provided user credentials",
"target": "",
"httpCode": 403
},
"Instrumentation": {
"TraceId": "fc9aa73d-57a9-d86c-6007-abdf6535959f"
}
}
utc time 13:06
Steps to Reproduce
We can reproduce this with Graph Explorer.
To login with a guest account make sure to add the target tenant as a query param in the Graph Explorer URL, like so:
https://developer.microsoft.com/en-us/graph/graph-explorer?tenant=SOMETENANT.onmicrosoft.com
Login with a guest account. Consent Sites.Read.All
Make sure the guest user has access to at least one site collection
POST v1.0 to https://graph.microsoft.com/v1.0/search/query
{
"requests": [
{
"entityTypes": [
"list"
],
"query": {
"queryString": "Vertrag"
}
}
]
}
Results in 403
The text was updated successfully, but these errors were encountered: