RoleAssignments via the rest api returns unauthoried on SharePoint On-line

Zdeněk Fridrichovský 1 Reputation point
2020-09-18T07:43:02.723+00:00

Hi,
I am using REST API to get roles on SharePoint. I am using "_api/Web/RoleAssignments". Problem is that it returns error message "Unauthorized". I tried add tenant permission to APP as described in this link https://sharepoint.stackexchange.com/questions/199261/what-permissions-do-i-need-to-get-roleassignments-via-the-rest-api.

But it doesn't help.

Can you help me? What I have to do?

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,628 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jerryzy 10,566 Reputation points
    2020-09-21T07:06:12.5+00:00

    Hi @Zdeněk Fridrichovský ,

    If you are using SharePoint Hosted App to get the RoleAssignments in host web, please write code in App.Js like this: 

    'use strict';  
  
var hostweburl;  
var appweburl;     
  
  
    // This code runs when the DOM is ready and creates a context object which is needed to use the SharePoint object model  
    $(document).ready(function () {  
        hostweburl = decodeURIComponent(getQueryStringParameter("SPHostUrl"));  
        appweburl = decodeURIComponent(getQueryStringParameter("SPAppWebUrl"));    
        var scriptbase = hostweburl + "/_layouts/15/";  
        $.getScript(scriptbase + "SP.RequestExecutor.js", getRoleAssignments);  
             
    });  
  
  
  
function getRoleAssignments() {  
    var executor = new SP.RequestExecutor(appweburl);  
    var FullURL = appweburl + "/_api/SP.AppContextSite(@target)/web/roleassignments?@target='" + hostweburl + "'";  
  
    executor.executeAsync(  
        {  
            url: FullURL,  
            method: "GET",  
  
            headers: {  
                "accept": "application/json;odata=verbose",  
                "content-type": "application/json;odata=verbose",  
                "X-RequestDigest": $("#__REQUESTDIGEST").val()  
            },  
            success: onDataReturned,  
            error: errorHandler  
        }  
    );   
}  
  
function errorHandler(data, errorCode, errorMessage) {  
    console.log("Could not complete cross-domain call: " + errorMessage);  
}  
  
function onDataReturned(data) {  
    console.log(data.body);  
  
}  
  
function getQueryStringParameter(paramToRetrieve) {  
    var params =  
        document.URL.split("?")[1].split("&");  
    var strParams = "";  
    for (var i = 0; i < params.length; i = i + 1) {  
        var singleParam = params[i].split("=");  
        if (singleParam[0] == paramToRetrieve)  
            return singleParam[1];  
    }  
}

    In AppManifest.xml: 

    <AppPermissionRequests>  
    <AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl" />  
    <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" />  
    <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />  
  </AppPermissionRequests>

    Here is the response in Developer Tool:

    25966-snipaste-2020-09-21-15-01-10.png

    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments