Hello everyone and welcome to my blog. In today’s blog we will discuss how to resolve 401 unauthorized error when using SharePoint Add-in app for authentication.
If you are not aware of SharePoint Add-in app only authentication, I recommend to go though this Microsoft article.
Now coming back to the problem statement. I was using SharePoint add-in app only authentication and it was working just fine. However when we moved the same code to the new environment, we were getting 401 Unauthorized error.
If you Google this error, you will find that all new SharePoint tenants has the Custom App Authentication disabled. There is a property at tenant level – DisableCustomAppAuthenticaton which you need to set to false for SharePoint Add-in app only authentication to work correctly.
First step is to check if the property DisableCustomAppAuthentication is set to false or not. I opened PowerShell ISE as administrator and use the following command to connect to my SharePoint site collection.
Connect-SPOService -Url https://xrmforyoudemo-admin/sharepoint.comYou will get an interactive login prompt to sign in. Please note you need to connect to tenant administration site. Hence I used the -admin site to connect to the tenant admin.
Once connected, the next step is to check the value of parameter – DisableCustomAppAuthentication. To do that, I use the following command.
To my surprise, it was set to False by default. If it is false, then the authorization should have worked. However we were getting the unauthorized error.
After searching the heck out of Google, I finally came across this link. As it seems like, you need to enable this parameter and then disable it.
To enable, first I run the following command.
Set-SPOTenant -DisableCustomAppAuthentication $trueThen again set it to False.
Set-SPOTenant -DisableCustomAppAuthentication $falseWait for 15-20 mins and after that try again. You should now find that authorization is working. As weird it may sound, this finally got me working.
I hope this helped. If you have liked the post and if this post has helped you, please subscribe to my blog.
Debajit Dutta