4

I'm have created a survey in my company sharepoint online site. The response is collected in a list. I want to extract the data from this list by sending a CURL request from another server to REST API for further processing. The site URL goes like this: https://company.sharepoint.com/sites/ABCD. I can access the list using this endpoint in browser: https://company.sharepoint.com/sites/ABCD/_api/web/lists/GetByTitle(title)/items

While trying to access the API through CURL, I am getting an error saying unauthorizedAccessException. HTTP/1.1 403 Forbidden error.

<m:message xml:lang="en-US">Access denied. You do not have permission to perform this action or access this resource.</m:message>

Below is the curl request:

curl "https://company.sharepoint.com/sites/ABCD/_api/web/lists/GetByTitle(title)/items" -v --ntlm --negotiate -u domain\\email_address

Can someone please explain what is the issue with this request or is this the correct way to send API request. Some forums I read say that I may need to generate access_key using an APP ID. But I dont know how to do that.

Any help on this is deeply appreciated. I am a newbie to sharepoint.

Improve this question
1

2 Answers 2

Reset to default
1

First of all you need to have valid Client Id and Client Secret. You could get it following Sharepoint's part in Postman related answer .

Curl's part:

I've created a bash script for this. It requires changing of three parameters: YourTenant, client_id and client_secret

$ nano ~/get_api_response.sh

Paste the next content to it, changing YourTenant, client_id, client_secret to your own values (you could get in Sharepoint's part below).

wwwauthenticate=$(curl -i -H "Authorization: Bearer" -s "https://YourTenant.sharepoint.com/_vti_bin/client.svc/" | grep -i "www-authenticate") bearer_realm=$(echo $wwwauthenticate | awk -F"," '{print $1}' | awk -F"=" '{print $2}' | tr -d '"') app_id=$(echo $wwwauthenticate | awk -F"," '{print $2}' | awk -F"=" '{print $2}' | tr -d '"') grant_type="grant_type=client_credentials" cl_id="client_id=c2xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx@$bearer_realm" cl_secret="client_secret=3zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz" res="resource=$app_id/YourTenant.sharepoint.com@$bearer_realm" url="https://accounts.accesscontrol.windows.net/$bearer_realm/tokens/OAuth/2" content_type="Conent-Type: application/x-www-form-urlencoded" access_token=$(curl -X POST -H $content_type --data-urlencode $grant_type --data-urlencode $cl_id --data-urlencode $cl_secret --data-urlencode $res -s $url | awk -F":" '{print $NF}' | tr -d '"}') curl -i -H "Authorization: Bearer $access_token" -H "Accept: application/json;odata=verbose" -s "$1"

Apply proper permissions: chmod 700 get_api_response.sh

You could use curl with that token the next way:

~/get_api_response.sh "https://YourTenant.sharepoint.com/_api/web"`

Here's slightly different solution

Improve this answer
    0 
    curl -X GET --ntlm -u <email>:<password> https://mycompany.sharepoint.com/<URL>

    This worked for me and trigger the page contents.

    Improve this answer

      Start asking to get answers

      Find the answer to your question by asking.

      Ask question

      Explore related questions

      See similar questions with these tags.