FileOpenUserUnauthorized for workbook Microsoft Graph API
Hello.
https://learn.microsoft.com/en-us/graph/api/resources/excel?view=graph-rest-1.0 API is not function for personal account (tenant: personal). Works for business accounts.
Example:
curl -H "Authorization: Bearer ..." -v https://graph.microsoft.com/v1.0/me/drives/e98d65c1f4e6b9c3/items/E98D65C1F4E6B9C3\!105\?$select\=id,name,parentReference,webUrl,file
response:
{"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#users('alexey.vasiliev%40railsware.com')/drives('e98d65c1f4e6b9c3')/items/$entity","@microsoft.graph.downloadUrl":"...","createdDateTime":"2022-02-02T20:34:00Z","eTag":"\"{F4E6B9C3-65C1-208D-80E9-690000000000},6\"","id":"E98D65C1F4E6B9C3!105","lastModifiedDateTime":"2024-04-05T17:24:48Z","name":"Book.xlsx","webUrl":"https://onedrive.live.com/personal/e98d65c1f4e6b9c3/_layouts/15/Doc.aspx?resid=E98D65C1F4E6B9C3!105&cid=e98d65c1f4e6b9c3","cTag":"\"c:{F4E6B9C3-65C1-208D-80E9-690000000000},5\"","size":9308,"createdBy":{"user":{"email":"...","id":"e98d65c1f4e6b9c3","displayName":"..."}},"lastModifiedBy":{"user":{"email":"...","id":"e98d65c1f4e6b9c3","displayName":"..."}},"parentReference":{"driveType":"personal","driveId":"e98d65c1f4e6b9c3","id":"E98D65C1F4E6B9C3!sea8cc6beffdb43d7976fbc7da445c639","name":"Documents","path":"/drives/e98d65c1f4e6b9c3/root:","siteId":"60ffe0ee-0edc-432e-9e28-c25906aa637e"},"file":{"mimeType":"application/vnd.openxmlformats-officedocument.spreadsheetml.sheet","hashes":{"quickXorHash":"Scptt3Ef5HWRGUMbnXLsGhfpgLk=","sha1Hash":"6A053896FA05358E28063C7B9362B455ADB9CA0A","sha256Hash":"65816590EC1F271749ECE1F5045E891397A8CED5AC552C73A1F08C0ABE709AF7"}},"fileSystemInfo":{"createdDateTime":"2022-02-02T20:34:00Z","lastModifiedDateTime":"2024-04-05T17:24:48Z"},"shared":{"scope":"users"}}
As we can see all working
Now lets try check list of worksheets for same file:
curl -H "Authorization: Bearer ..." -v https://graph.microsoft.com/v1.0/me/drives/e98d65c1f4e6b9c3/items/E98D65C1F4E6B9C3\!105/workbook/worksheets
response:
< HTTP/2 401
< cache-control: no-cache
< content-type: application/json
< strict-transport-security: max-age=31536000
< request-id: 0398f0bf-8c20-410a-baca-0f2288e352ca
< client-request-id: 0398f0bf-8c20-410a-baca-0f2288e352ca
< x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"Germany West Central","Slice":"E","Ring":"4","ScaleUnit":"001","RoleInstance":"FR2PEPF000003EA"}}
< date: Fri, 05 Apr 2024 17:46:07 GMT
<
* Connection #0 to host graph.microsoft.com left intact
{"error":{"code":"FileOpenUserUnauthorized","message":"You do not have permissions to open this file in the browser.","innerError":{"code":"unauthorizedUncategorized","message":"Required authentication information for the resource is either missing or invalid.","innerError":{"code":"FileOpenUserUnauthorized","message":"You do not have permissions to open this file in the browser."},"date":"2024-04-05T17:46:07","request-id":"0398f0bf-8c20-410a-baca-0f2288e352ca","client-request-id":"0398f0bf-8c20-410a-baca-0f2288e352ca"}}}
"You do not have permissions to open this file in the browser." - yep, my rest call have no browser
Maybe wrong scopes? Lets check:
scopes: openid profile email User.Read Files.Read.All Files.ReadWrite.All Files.ReadWrite
Based on docs, my token contain needed "Files.ReadWrite" scope.
This file successfully can open this account in browser, but workbook/worksheet
or workbook/names
still return 401 and FileOpenUserUnauthorized.
Urls in format "/me/drive/items/{id}/workbook/worksheets" return same error.
Question - why it return this error? What is the reason?
Thanks