Sp-dev-docs: Tenant properties API GetStorageEntity not authorized to External Users
Category
- [ ] Question
- [ ] Typo
- [ X] Bug
- [ ] Additional article idea
Expected or Desired Behavior
You can get a tenant property value using REST API (GetStorageEntity) even when the user is an external user.
Observed Behavior
I麓m getting an _UnauthorizedAccessException_
Steps to Reproduce
- Add a tenant property
- Share a site with an external user, and log into the site
- From an spfx webpart, do a REST call to:
.../sites/SITE/_api/web/GetStorageEntity('PROPERTY_KEY')
you will get an _UnauthorizedAccessException_
Same steps with a "normal" user works as expected.
I guess this is because the Tenant properties are stored in the App Catalog site, where the external user has no access. I think it shouldn麓t be the case, as a developers, we want to get Tenant properties from code, even if the user is an external user. Anyway, if this is by design, you should add the documentation and specify it
Thanks!
luismanez
All 12 comments
Thx Luis, this is clearly a bug in the API caused by lack of elevation. The issue has been logged and scheduled to be addressed in a relatively fast timeline. Due SPO freeze period during holiday season, you can expect this to get fixed during January.
VesaJuvonen
on 15 Dec 2017
Thanks for the detailed info Vesa, very appreciate it!
luismanez
on 16 Dec 2017
@luismanez - sorry to take so long to fix this. A fix is now being made and it should start rolling out to servers around the 26th of March.
GrahamMcMynn
on 7 Mar 2018
Thanks @mcmynn83, great news!
luismanez
on 8 Mar 2018
I am closing this issue, however, if it still doesn't work after the 26th please send me a message and I will re-open it. It has been validated in our test environments.
GrahamMcMynn
on 8 Mar 2018
@mcmynn83 - This problem keeps happening. When trying to recover a tenant property with an external user, the call returns an error 403. Is there a date planned to solve this bug?
sortegamartin
on 26 Apr 2018
Reopen based on Graham's comment.
VesaJuvonen
on 26 Apr 2018
Sorry this got lost and I didn't look at it. That being said, I just revalidated teh scenario and I am able to get tenant storage properties as an external user. Could you please let me know in what scenario this is not working?
As a logged in external user I just called _api/web/getstorageentity('Test') and I get that data returned to me.
GrahamMcMynn
on 10 May 2019
This issue has been automatically marked as stale because it has marked as requiring author feedback but has not had any activity for 7 days. It will be closed if no further activity occurs within next 7 days of this comment. Thank you for your contributions to SharePoint Developer activities.
msft-github-bot
on 18 May 2019
Closing issue due no response from original author. If this issue is still occurring, please open a new issue with additional details. Notice that if you have included another related issue as additional comment on this, please open that also as separate issue, so that we can track it independently.
msft-github-bot
on 25 May 2019
Tested this successfully as well:
- tenant-scoped tenant property
- accessing it via REST with guest accounts works (tested organizational guest and guest with Microsoft account)
heinrich-ulbricht
on 10 Jul 2019
Issues that have been closed & had no follow-up activity for at least 7 days are automatically locked. Please refer to our wiki for more details, including how to remediate this action if you feel this was done prematurely or in error: Issue List: Our approach to locked issues
msft-github-bot
on 28 Jan 2020
Related issues
christianbueschi
路
3Comments
karishmaTCS
路
3Comments
ken-harris
路
3Comments
jonthenerd
路
3Comments
zerovectorspace
路
3Comments
Most helpful comment
Reopen based on Graham's comment.