We connect to a sharepoint-site that was recently configured by our client. The site was configured with a Sharepoint expert and we double checked the authorization configuration of the sharepoint site.
While running one of the data pages (D_SPOnlineGetAllLists) we get a 403 http status code. In the log I see that an error occurs:
BEARER authentication error: No access token available
HTTP Status code: 403 Forbidden
We did a connection setup in postman following the steps of Microsoft: How to register an app in Microsoft Entra ID - Microsoft identity platform | Microsoft Learn . Here we are succesfully able to retrieve a list of lists. The setup is different than how the SP Online component handles the authentication calls, a high-trust sharepoint is used not line with the steps that Microsoft provides in the URL above.
Now from the Microsoft documentation, it seems that the API to retrieve an access token has changed because of the the Graph API introduction. For the Graph API, the authentication method is different from the Sharepoint API.
Either way, I don’t manage to make this work in our Pega environment, also if I use the exact same setup as in Postman Pega doesn’t manage to get a token.
Covers connecting to REST or SOAP services, and configuring enterprise messaging with either JMS or IBM MQ. It also includes information about the security best practices and the process for conducting security assessments for applications on Pega Cloud
If you have additional questions perhaps you could PM Prasad Akella who is listed there as the product owner.
@nvkap@ChandraSekharBk could one of you comment on this question about SharePoint integration?
@MarijeSchillern It’s indeed the Sharepoint Online component and Erwin and I followed and double checked the configuration steps multiple times together with a Sharepoint expert. As we got a 403, it means we have connection from PegaCloud to the sharepoint but there’s an authentication/authorization issue. We have the configuration working from Postman following the steps from Microsoft.
We contacted the PO of the component earlier but got no response so far, we also raised a ticket INC-A4556 and got no solution so far, it seems the PO is off.
Unfortunately, as GCS, marketplace components are not supported by us.
Since the owner of the mentioned component is right now on leave until next week, we will need to wait for him to comeback and investigate this further
@MaartenBPM I can see that INC-A4556 was closed with your permission.
Our support team provided you with some suggestions on using the Sharepoint Online component by making the following changes:
In the screenshot of the auth profile shared by you, it seems you’ve reused the auth endpoint for the access token endpoint. These are distinct resources in the OAuth2 flow, and are used for different purposes.
Try to modify the auth profile in use and replace the auth token endpoint with the value https://login.microsoftonline.com/common/oauth2/token
If this does not resolve the issue, you could further try and replace the redirect URI value with https://[modified].pegadocuments.com/oauth2/callback to copy the postman configuration exactly
We understand that you managed to get through the authentication procedure by using Graph API and that you are no longer using the steps from the default component.
@AkshithReddyT as this post is now almost a year old, if you do not get a response I suggest that you log a support issue in order to have our support team help investigate your issue.