0

We're getting a 400 error with the message "Tenant does not have a SPO license" when we try to access the Sharepoint-endpoints in the Microsoft Graph v1.0 API.

We've registered our Azure AD app and assigned Application Permissions (as opposed to Delegated) for the relevant endpoints, as we need to access the endpoints server to server (ie. outside the context of an authenticated user).

The tenant is connected to an Office 365 Business subscription, that we can assign to users, but the tenant in this case is the directory itself and we don't see how we can assign a subscription to that.

It seems there is precious little information available regarding this, and most of it applies to the delegated permissions scenario.

Any help would be greatly appreciated.

Jørgen T
  • 11
  • 4
  • Could you solve this problem? I have the same problem with business account and I can get response via Graph Explorer but cannot get via Postman. – kyo Jun 30 '22 at 10:23

1 Answers1

0

If you have purchased an O365 Business subscription, you may still need to be assign SPO (SharePoint Online) license for specific AAD user/ O365 user.

Use your admin account to log into O365 admin center and select a user and assign SPO license.

enter image description here

After clicking on "Edit", you can choose a SharePoint license to assign it to the user.

Allen Wu
  • 15,529
  • 1
  • 9
  • 20
  • Yes, we're aware of that, but the problem here is that the queries to the Graph-API are not in the context of a specific user, but rather the AzureAD-app itself.As far as I know, classic impersionation in Oauth2 is not an option, since it doesn't support "Act on behalf of", ie. if we were to change to delegated permissions and create a service user for this purpose it would inherit the permissions of the app itself. – Jørgen T Dec 04 '19 at 09:12
  • Which endpoint are you calling? Please share the API document. – Allen Wu Dec 04 '19 at 09:29
  • https://graph.microsoft.com/v1.0/sites/root - documentation available here: https://learn.microsoft.com/en-us/graph/api/resources/sharepoint?view=graph-rest-1.0 – Jørgen T Dec 04 '19 at 10:10
  • 1
    @JørgenT Which O365 subscription plan do you have? Does it include SharePoint service? Or you can also log into https://developer.microsoft.com/en-us/graph/graph-explorer an call `GET https://graph.microsoft.com/v1.0/sites/root` to see if it returns 200 OK response. – Allen Wu Dec 05 '19 at 08:00
  • The tenant is connected to a O365 E3 plan which includes Sharepoint, so we can assign subscriptions to users in the directory. – Jørgen T Dec 05 '19 at 12:08
  • Have you tried to call the endpoint in Microsoft Graph explorer? – Allen Wu Dec 09 '19 at 01:47