Office 365 scope activites issue

I’m working on office 365 scope + Find Files and folders to get all files on one drive or Sharepoint site. I’ve been setup application on Azure portal following documents

But in my uiPath studio execution, I got following remoteexception error:
RemoteException wrapping Microsoft.Graph.ServiceException: Code: BadRequest
Message: /me request is only valid with delegated authentication flow.

my activities properties like below:

does any one know how to resolve the issue?

Hi @SunnyX,

Which level permissions you have enabled during setup? Delegated or application level? have you enabled graph api permissions for files read/write as well?

Also I see authentication mode you are using is application of and secret, have you tried using other authentication types? What happens when you try using other authentication types?

Regards
Sonali

Thanks Sonali,

following is my permission what like. I tried both application and delegated permission, doesn’t work.

As for other authentication types, I tried username and password, it will give me another error like below, seems like my account type doesn’t support, I used personal account, not work account, interactive token not support as well.

RemoteException wrapping Microsoft.Graph.ServiceException: Code: generalException
Message: An error occurred sending the request.
—> RemoteException wrapping Microsoft.Identity.Client.MsalClientException: ROPC does not support MSA accounts. See Acquire a token to call a web API (desktop app) - Microsoft identity platform | Microsoft Docs for details.

Hey, is it fixed? I am also having the same issue.

Hey I am also having this same issue:
auth used in uipath: ApplicationID and Secret
I have created secret key in azure and passed the secret key into secureapplicationsecret field in properties.
I am getting error as below:
lol

Permissions provided looks like as above.
Please assist!!

If you use ApplicationID and Secret, you should have Application API permission and grant admin consent. Some office365 activities only support delegate API permission, please check from activity help document. In my case, I only used Find Folders and Files activity which support Application API permission, after I provide correct drive name and site url, I’m able to get and download files. Below is my screenshot for activity input, hope it helps.


image

1 Like

Hey thanks for the insight. I am also using Find folders and file activity and after that download file activity to download the file from onedrive to local. Also, I have checked the permissions and it is same as in your screenshot. Please let me know if any additional permissions are required?


Also the application secret you provided in the properties is the masked value from the azure portal under VALUE column right?

Yes, the secret is VALUE column. But in your case, you want to get files in onedrive folders, I checked fiddler with uipath activity, it used request /v1.0/me/drive/microsoft.graph.sharedWithMe(), which need delegate authentication type(need behalf on user).

So suggest you changing authentication type to (Windows integrated (if your machine login in with work account) or username and password(your account is application owner in AD) or interactiveToke(will pop out Microsoft sign in window during running).

1 Like

Thanks for the reply. I have adjusted the process by changing from onedrive to sharepoint. By providing the siteURL and Drivename, file is getting dowloaded. Authentication used is appID and Secret key.

I have one doubt. Hope you can help me out.
I have provided the appid, tenantID and secret from account abc@uipath.com, and the sharepoint folder is within this same account and the file to be fetch is in the same account. Bot is able to fetch the file.

But how to deploy this in production? can we still use the above appId, tenantId and secret to get the same file from another sharepoint under another account lets say xyz@uipath.com. [Both accounts are under same org].

I am trying this just by changing the site url and drive name, but not working. Only working when the file to be fetched is placed in the same account from where the appId etc… are generated.

Please correct me if I am missing something.

I would suggest to do a simple check manually if xyz@uipath.com has access to the file. “Manually” meaning navigating to the file via browser. This will tell you that the account has access (or not) to the target file.

As of now the abc@uipath.com SharePoint have no access provided for xyz@uiapth.con. So accessing the file from browser will not work

So granting access will make this work??

Yes it should. If not, at least we can isolate the problem.

1 Like

hey @ticsrobo.au , in production the file will be placed in the sharepoint of xyz@uipath.com, hence literally the file access for xyz@uipath.com is there.

Or what you meant is to add abc@uipath.com the access to the Sharepoint site created in xyz@uipath.com as the appID, secret etc are provided from abc@uipath.com.

@amithvs, if your another sharepoint site managed in same tenant with the successful case? per my understanding, app secret auth flow should doesn’t matter with any user.

Yep, the another sharepoint is under same organisation. I was able to make this work by making the account which provided the appId, tenantId and secret as a member/owner of the other Sharepoint.

After one round of execution, if you remove the new member account, the bot will be still able to fetch the file for us. I am not sure how this is working even the account is removed as the member.

Hi @amithvs ,

What I’m basically saying is if a user has access to a file via browser (UI) then it should also have access if done via UiPath activities.

So what is the current problem now?

What API permission should be set to upload files or create folders in a SharePoint site? I have added the permissions below and i am still receiving an error when trying to upload or create a folder.


Any suggestions?
i followed the permissions stated on this article: Resumable file upload - Microsoft Graph v1.0 | Microsoft Docs
& Create a new folder - Microsoft Graph v1.0 | Microsoft Docs

@amithvs were you able to make this work? Running into the same issue with delegated permissions

Hi @ivan.garcia , sorry for the late reply. For me the below permissions worked.

All the application level permissions requires access to be granted by admin also.

What kind of authentication are you using, and from where the files are getting downloaded or uploaded?