401 (Unauthorized) When calling Sharepoint Query

Question

I am currently getting this error 401 when I try to call my Sharepoint Endpoint. It occurred after I added the following below into the header. What is the issue here? I am unsure if this is an issue with IIS or the Sharepoint Configurations, please advice. Thank you!

My Response: GET http://www.test.com/Shared%20Documents/query%20result%20BEFORE.xml 401 (Unauthorized)

Previously, I was facing this error:

Access to XMLHttpRequest at **** from origin 'http://127.0.0.1:1234' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I added the Access-Control-Allow-Origin with a value of "*" in the HTTP Response Headers and now I am getting the 401 error.

My code:

  function testCall2() {
        const xhr1 = new XMLHttpRequest();
        const URL= "http://test.com/_api/search/query?querytext=%27BEFORE%27"

        xhr1.open("GET", URL);
        xhr1.onreadystatechange = function() {
            if (xhr1.readyState === 4) {
                if (xhr1.status === 200) {
                    const response = xhr1.responseText;
                    // Process the response as needed
                    console.log(`XHR1 Success!! ${response}`);
                } else {
                    console.error('XHR1 Error:', xhr1.statusText);
                }
            }
        };
        xhr1.send();
    }

Answer 1

You need to send authorization, if your code runs at localhost (is not a part of the sharepoint page). Now you do not send any. 401 is not "access denied", it is "authorization required".

The above code would be legal and work, if it was running as a part of SharePoint page (the cookie authorization will be used automatically). But if the code comes from a third-party server, you need to authorize explcitly.