Reputation: 6636
I am using the sample code created automatically when "Add connected service" is chosen, specifically the "MyFilesApiSample".
I have tested with two different admin accounts. Apparently all admin accounts are not created equal.
This is in attempting to connect to the Office 365 SharePoint/OneDrive file system.
One admin account gives AuthenticationFailedException "This operation can only be performed by an administrator". This account is an "admin" insofar as it can access other users' mail/calendar.
A different admin (global/full admin) account gives System.Exception "Could not obtain discovery information. Service returned Unauthorized".
Possible contributing factor questions:
If, at the time I created the connected service, I selected a bunch of rights in the checkboxes, does the admin account used need to actually have all of those rights to connect, or just the ones that are currently being used (file access in this case)?
Does "full administrator" not give the needed rights?
Bonus question: How do you specify which user's files you want to view/edit? Just change the URI?
Upvotes: 1
Views: 2087
Reputation: 2138
With regard to the error, if you log into the Azure Management portal for the Azure AD linked to your Office 365 tenant, you will be able to see whether your App is registered for that Azure AD. Information on how to access this is available on MSDN: http://msdn.microsoft.com/en-us/library/office/dn736059(v=office.15).aspx. You will most likely find that your App isn't registered in the Apps section of the Azure AD in your Azure tenant. The first time you launch your app you need to use your Office 365 Tenant Administrator account to do this so it gets registered as an App in Azure AD in the Azure tenant. Once that has happened you can then use the app with a normal user.
The way that the Office 365 APIs work is that the Web App or Mobile App can declare that it requires permissions to the OneDrive for Business folder of whatever User accesses it. The User has to grant consent, which is stored in the Azure AD for that App identity on a per-user basis. Then the App can access whatever permissions it requested for that User's OneDrive for Business. The app can also ask for "Sites" permissions, which, if consented, would allow you to use the CSOM or REST APIs to access any SharePoint site that the user can see, if you specify the URL of the site in the context for CSOM or in the REST URL. We have some big samples coming in the next week or so: a Cordova App, an AngularJS/Azure Web role App, a Windows 8 App and an ASP.NET MVC app. So please keep an eye on http://blogs.office.com/dev and http://aka.ms/OfficeDevSamples.
Upvotes: 4
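A way to check what a signed-in user actually consented to when a call comes back Unauthorized, as an added example that is not part of the original answer or of the Visual Studio sample. It assumes the access token is an Azure AD JWT carrying `aud`, `scp` and `exp` claims; the resource URL, scope names and sample token are constructed placeholders.

```python
import base64
import json
import time

def _b64url_json(segment):
    # JWT segments are unpadded base64url; restore padding before decoding.
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))

def token_claims(access_token):
    """Return the JWT payload WITHOUT verifying the signature (diagnostics only)."""
    parts = access_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    return _b64url_json(parts[1])

def diagnose(access_token, resource, needed_scopes, now=None):
    """List the reasons a resource would likely reject this delegated token."""
    claims = token_claims(access_token)
    now = time.time() if now is None else now
    findings = []
    # Assumption: 'aud' is a single string naming the resource the token was issued for.
    if str(claims.get("aud", "")).rstrip("/") != resource.rstrip("/"):
        findings.append("audience mismatch: token is for %r" % claims.get("aud"))
    # Assumption: 'scp' is a space-separated list of permissions the user consented to.
    granted = set(str(claims.get("scp", "")).split())
    missing = sorted(set(needed_scopes) - granted)
    if missing:
        findings.append("scopes not consented: " + ", ".join(missing))
    if claims.get("exp", 0) <= now:
        findings.append("token expired")
    return findings

def make_sample_token(claims):
    # Constructed, unsigned token so the example runs offline.
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "sig"])

# Constructed placeholders: tenant URL, scope names and user are not from the page.
RESOURCE = "https://contoso-my.sharepoint.example/"
SAMPLE = make_sample_token({"aud": RESOURCE, "scp": "Files.Read",
                            "upn": "user@contoso.example", "exp": 2000000000})

if __name__ == "__main__":
    for finding in diagnose(SAMPLE, RESOURCE, ["Files.Read", "Files.Write"], now=1500000000):
        print(finding)
```

Because the signature is not verified, this is only for inspecting a token your own app obtained, never for making an authorization decision.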