I am using Microsoft business account assigned by company admin with admin permission to register application in Azure. This app would be used for file uploading only.
In Resumable item upload, the uploading PUT request would upload file content to onedrive using the returned "uploadUrl" from createUploadSession request.
Observed Behavior
In Resumable item upload, the uploading PUT request got 401 error {"code":"InvalidAuthenticationToken","message":"Access token is empty." }
In Azure App registration:
1.1. Authentication section:
Setup a web platform with a redirected URI.
Select the tokens you would like to be issued by the authorization endpoint: Access Token.
Supported account types: Accounts in any organizational directory (Any Azure AD directory - Multitenant).
1.2. API Permissions section:
Configured delegated permissions of "Files.ReadWrite", "Files.ReadWrite.All", "Sites.ReadWrite.All;".
I tried to upload a simple txt file (test.txt with plain text of 34 char in length). I used ROPC signin flow and successfully signed in with the above same permission as scope in signin request, and got access_token back.
Then I use this url to submit PUT request (NO access_token in header) right away to upload whole chunk of file, I got 401 response.
Request: PUT {Returned uploadUrl}
Content-Length: 34
Content-Range: bytes 0-33/34
<bytes 0-33 of the file>
Response: {"error":{"code":"InvalidAuthenticationToken","message":"Access token is empty.","innerError":{"date":"2021-10-25T23:36:29","request-id":"3a3c1c39-ed29-4373-8273-68918bd7decb","client-request-id":"3a3c1c39-ed29-4373-8273-68918bd7decb"}}}
I researched some posts with similar situations, but still cannot figure it out for my case.
1) access_token is applied from https://graph.microsoft.com, while returned uploadUrl is https://{tenant}-my.sharepoint.com/personal/{account_email}/... Not sure if this is cause.
2) Returned uploadUrl length is around 1400-1600, more < 2000. So should not be URL length problem.
3) App was registered as "Accounts in any organizational directory (Any Azure AD directory - Multitenant)". Assigned permissions are type of delegated.
Category
Expected or Desired Behavior
I am using Microsoft business account assigned by company admin with admin permission to register application in Azure. This app would be used for file uploading only.
In Resumable item upload, the uploading PUT request would upload file content to onedrive using the returned "uploadUrl" from createUploadSession request.
Observed Behavior
In Resumable item upload, the uploading PUT request got 401 error {"code":"InvalidAuthenticationToken","message":"Access token is empty." }
Steps to Reproduce
In Azure App registration: 1.1. Authentication section:
1.2. API Permissions section:
I tried to upload a simple txt file (test.txt with plain text of 34 char in length). I used ROPC signin flow and successfully signed in with the above same permission as scope in signin request, and got access_token back.
Response: {"token_type":"Bearer","scope":"Files.ReadWrite Files.ReadWrite.All Sites.ReadWrite.All profile openid email","expires_in":3599,"ext_expires_in":3599,"access_token":"{access_token}"}
Request: POST => https://graph.microsoft.com/v1.0/me/drive/root:/test/test.txt:/createUploadSession Authorization: Bearer {access_token}
Response: {"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#microsoft.graph.uploadSession","expirationDateTime":"2021-10-25T23:51:29.459Z","nextExpectedRanges":["0-"],"uploadUrl":"https://dalb-my.sharepoint.com/personal/{account_email}/_api/v2.0/drive/items/01HPUOG5DEW446POE6U5GLHL7PJH75Q3RM/uploadSession?guid='460b55de-ca08-4484-918d-768e875bfa01'&overwrite=True&rename=False&dc=0&tempauth={tempauth_string}"}
<bytes 0-33 of the file>
Response: {"error":{"code":"InvalidAuthenticationToken","message":"Access token is empty.","innerError":{"date":"2021-10-25T23:36:29","request-id":"3a3c1c39-ed29-4373-8273-68918bd7decb","client-request-id":"3a3c1c39-ed29-4373-8273-68918bd7decb"}}}
I researched some posts with similar situations, but still cannot figure it out for my case. 1) access_token is applied from https://graph.microsoft.com, while returned uploadUrl is https://{tenant}-my.sharepoint.com/personal/{account_email}/... Not sure if this is cause. 2) Returned uploadUrl length is around 1400-1600, more < 2000. So should not be URL length problem. 3) App was registered as "Accounts in any organizational directory (Any Azure AD directory - Multitenant)". Assigned permissions are type of delegated.
Please help.