Accessing different geo site gives 403 unauthorized error

[ahamedfazil]

Major Version

4.x

Minor Version Number

2.0

Target environment

SharePoint Framework

Additional environment details

SPFx (v 1.19) Extension that runs on SharePoint Online geo site.

Expected or Desired Behavior

In our tenant we have multi geo sites. I am trying to access a SharePoint list items, userId in a site (https://test.sharepoint.com/teams/sample) from different geo site (https://testeur.sharepoint.com/sites/it)

Observed Behavior

I am getting the following error -

Error making HttpClient request in queryable [403] ::> {"odata.error":{"code":"-2147024891, System.UnauthorizedAccessException","message":{"lang":"en-US","value":"Attempted to perform an unauthorized operation."}}}

Steps to Reproduce

import { SPFI, SPFx, spfi } from "@pnp/sp";

//this.context is from https://testeur.sharepoint.com/sites/it
const _spConfigSite = spfi("https://test.sharepoint.com/teams/sample").using(SPFx(this.context));
 try {
      const user = await _spConfigSite.web.currentUser();
  }
  catch (error) {
      Logger.write(`Error: ${error}`, LogLevel.Error);
  }

[patrick-rodgers]

The issue is probably in trying to use the SPFx behavior we get a token from the context you supply and it would be giving you tokens for whatever geo the page is in and the scopes will be geo1.sharepoint.com/.default - those won't work in geo 2. You'll need to handle the auth yourself and manage the config to point the calls to the rig.ht geos. You can use the MSAL client for this.

[ahamedfazil]

thanks @patrick-rodgers we will try with MSAL