CODEWITHSUNDEEP
sharepointmicrosoft-graph-api
dannnnnnnnnnnn
dannnnnnnnnnnn

Reputation: 11

Create subscription for Sharepoint List returns 403 forbidden

I'm using Microsoft Graph API to fetch items from Sharepoint list. Everything has worked well and I have a token, which works for getting items from the list

Now I want to get a notice, when any item gets updated on that list. For that, I tried to create webhook with subscription with the same token. However when trying to create subscription, the API returns 403.

var subscription = new Subscription
            {
                Resource = "sites/{siteId}/lists/{listId}/",
                NotificationUrl = "{notification url}",
                ExpirationDateTime = DateTimeOffset.Now.AddDays(2),
                ChangeType = "updated"
            };
var res = await graphServiceClient.Subscriptions
          .Request()
          .AddAsync(subscription);

I have set the required Sites.ReadWrite.All permission to my app registration. The call to the API returns me 

{
Error: Code: ExtensionError
Message: Operation: Create; Exception: [Status Code: Forbidden; Reason: Access denied. You do not have permission to perform this action or access this resource.]
Inner error:
    AdditionalData:
    request-id: 99445d24-8d09-45a5-98e7-05b99587fd7f
    date: 2020-04-26T21:53:21
ClientRequestId: 99445d24-8d09-45a5-98e7-05b99587fd7f
}

Am I targeting wrong resource or is there any other permission, that app needs?

Edit: also tried using certificate to authorize, still nothing.

Upvotes: 1

Views: 920

Answers (1)

Nishant
Nishant

Reputation: 623

For creating a new webhook subscription, the application must have at least edit permissions to the SharePoint list where the subscription will be created (if the App is Azure AD). If the application is a SharePoint Add-in, You must grant 'Manage' or higher permission.

Upvotes: 1

Related Questions