Azure Active Directory Permissions Issue: 403 Exception - Microsoft Community Hub
https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad/azure-active-directory-permissions-issue-403-exception/td-p/153291

I have added a Native app in Azure Active Directory. I have granted all the required SharePoint permissions (to my knowledge), but when I try to hit the following SharePoint REST API, it returns a 403 exception:

https://mytenant.sharepoint.com/_api/SP.OAuth.NativeClient/Authenticate

I'm trying to get SharePoint Online SPOIDCRL cookie using bearer token. Below is my code snippet:

import android.content.Intent;
import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.util.Log;
import com.microsoft.aad.adal.AuthenticationCallback;
// Broker.CHALLENGE_RESPONSE_HEADER (the "Authorization" header name) is used in getCookies().
import com.microsoft.aad.adal.AuthenticationConstants.Broker;
import com.microsoft.aad.adal.AuthenticationContext;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.aad.adal.PromptBehavior;
import com.squareup.okhttp.MediaType;
import com.squareup.okhttp.OkHttpClient;
import com.squareup.okhttp.Request;
import com.squareup.okhttp.RequestBody;
import com.squareup.okhttp.Response;
import com.squareup.okhttp.Headers;
import java.net.URL;
import java.net.HttpURLConnection;
import java.util.Locale;

public class MainActivity extends AppCompatActivity {
    private static final String CLIENT_ID = "{my_client_id}";
    private static final String REDIRECT_URI = "{my_redirect_uri}";
    private static final String GRAPH_RESOURCE = "https://graph.microsoft.com";
    private static final String SHAREPOINT_ONLINE_RESOURCE = "mytenant.sharepoint.com";
    private static final String AUTHORITY = "https://login.microsoftonline.com/mytenant.onmicrosoft.com";
    private static final String LOG_TAG = "AUTH";
    private static String accessToken;
    private static String userId;
    private AuthenticationContext authenticationContext;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        try {
            // Create the authentication context.
            authenticationContext = new AuthenticationContext(MainActivity.this,
                    AUTHORITY, true);
            // Acquire tokens using necessary UI.
            authenticationContext.acquireToken(MainActivity.this, GRAPH_RESOURCE, CLIENT_ID, REDIRECT_URI,
                    PromptBehavior.Always, new AuthenticationCallback<AuthenticationResult>() {
                        @Override
                        public void onSuccess(AuthenticationResult result) {
                            String idToken = result.getIdToken();
                            accessToken = result.getAccessToken();
                            userId = result.getUserInfo().getUserId();
                            // Print tokens.
                            Log.d(LOG_TAG, "ID Token: " + idToken);
                            Log.d(LOG_TAG, "Access Token: " + accessToken);
                            // Request a second token for the SharePoint resource.
                            String spToken = getEndPointToken(SHAREPOINT_ONLINE_RESOURCE);
                        }

                        @Override
                        public void onError(Exception exc) {
                            // TODO: Handle error
                        }
                    });
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
        super.onActivityResult(requestCode, resultCode, data);
        // Pass the activity result to the authentication context.
        if (authenticationContext != null) {
            authenticationContext.onActivityResult(requestCode, resultCode, data);
        }
    }

    // POST the bearer token to the Authenticate endpoint and read the Set-Cookie header.
    protected void getCookies(String token) {
        try {
            HttpURLConnection connection = (HttpURLConnection) new URL("https", "mytenant.sharepoint.com", "_api/SP.OAuth.NativeClient/Authenticate").openConnection();
            try {
                connection.setRequestProperty(Broker.CHALLENGE_RESPONSE_HEADER, String.format(Locale.ROOT, "Bearer %s", new Object[]{token}));
                connection.setRequestMethod("POST");
                String headerField = connection.getHeaderField("Set-Cookie");
                Log.d("COOKIE", headerField);
                connection.disconnect();
            } finally {
                connection.disconnect();
            }
        } catch (Exception e) {
        }
    }

    // Silently acquire a token for the given resource; the result arrives in the callback.
    protected String getEndPointToken (String resourceUri) {
        String token = "";
        try {
            authenticationContext.acquireTokenSilentAsync(resourceUri, CLIENT_ID, userId, new AuthenticationCallback<AuthenticationResult>() {
                @Override
                public void onSuccess(AuthenticationResult result) {
                    String spAccessToken = result.getAccessToken();
                    Log.d("SP-AUTH", "Sharepoint Token");
                    Log.d("SP-AUTH", spAccessToken);
                    getCookies(spAccessToken);
                }

                @Override
                public void onError(Exception exc) {
                    // TODO: Handle error
                }
            });
        } catch (Exception e) {
        }
        return token;
    }
}

Exception:
<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code>-1, Microsoft.SharePoint.Client.ClientServiceException</m:code><m:message xml:lang="en-US">Exception of type 'Microsoft.SharePoint.Client.ClientServiceException' was thrown.</m:message></m:error>
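
A common first check for a 403 like the one above is to look at which resource (`aud`) and delegated scopes (`scp`) the bearer token actually carries. The script below is an added example, not part of the original post; the tokens are constructed samples, and treating `AllSites.Read` as the required scope is an assumption made for illustration.

```python
import base64
import json


def b64url_decode(segment):
    """Decode a base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_claims(jwt):
    """Return the JWT payload claims WITHOUT verifying the signature.
    Local troubleshooting only; never base an access decision on this."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWT with 3 dot-separated segments")
    return json.loads(b64url_decode(parts[1]))


def check_token(jwt, expected_resource, required_scopes=()):
    """Return a list of findings; an empty list means nothing was flagged."""
    claims = decode_claims(jwt)
    findings = []
    aud = claims.get("aud", [])
    audiences = [aud] if isinstance(aud, str) else list(aud)
    want = expected_resource.rstrip("/").lower()
    if want not in [a.rstrip("/").lower() for a in audiences]:
        findings.append(f"aud mismatch: token audience {audiences}, API expects {expected_resource!r}")
    granted = set(claims.get("scp", "").split())  # space-separated delegated scopes
    missing = sorted(set(required_scopes) - granted)
    if missing:
        findings.append(f"missing scopes: {missing} (token has {sorted(granted)})")
    return findings


def make_sample_token(claims):
    """Build an unsigned, constructed sample token for the demo below."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "constructed"])


if __name__ == "__main__":
    # Constructed samples: a Graph token presented to SharePoint, then a SharePoint token.
    # "AllSites.Read" as the required scope is an assumption for illustration.
    sharepoint = "https://mytenant.sharepoint.com"
    graph_tok = make_sample_token({"aud": "https://graph.microsoft.com", "scp": "User.Read"})
    sp_tok = make_sample_token({"aud": sharepoint, "scp": "AllSites.Read User.Read"})
    for name, tok in (("graph", graph_tok), ("sharepoint", sp_tok)):
        print(name, check_token(tok, sharepoint, ["AllSites.Read"]) or "ok")
```

Run it on a development machine against a token from a test session rather than logging production tokens.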
