Microsoft cloud engineer - SharePoint, Office 365, Azure, DotNet, Angular, JavaScript.
Microsoft cloud engineer - SharePoint, Office 365, Azure, DotNet, Angular, JavaScript.

SharePoint Online

Explore SharePoint REST API with Chrome F12 cURL (bash) to Postman

Wanted to create demo for how to leverage F12 tools to capture SharePoint Online REST api calls and replay into REST Postman.   Allows adjustment of HTTP headers, inspecting output, and execute test API calls.  Postman provides benefits of storing history, export data, and fine tuning the API headers.

Leveraging Chrome F12 enables us to quickly create a valid HTTP POST with correct authentication HTTP  headers, cookies, and endpoint URL.  Cheers.

shades_smile

Video

Screenshot

image
image

Reference

FIXED – You can’t get there from here

With Office 365 Conditional Access Policy security applied users will see the error below when attempting to view SharePoint Online with a different browser (FireFox, Chrome, etc.).   This makes debugging front end JavaScript applications challenging without Chrome’s excellent F12 debug tools.

However, we have a fix.

Leverage Internet Explorer to obtain a valid Office 365 session and export those cookies to text.   Demo video shows exactly how to extract the “FedAuth” and “rtFa” cookies to successfully login from any web client (FireFox, Chrome, Fiddler, REST Post Man).

Cheers! 

shades_smile

Video

Error

2018-12-11_10-08-47

You can’t get there from here
This application contains sensitive information and can only be accessed from:

    ____ domain joined devices. Access from personal devices is not allowed.

The current browser is not supported, please use Microsoft Edge, Internet Explorer or Chrome to access this application.
Sign out and sign in with a different account
More details
Request Id: 910358d2-1206-4c34-93a9-f0b649d66c00
Correlation Id: cfbcaa9e-c092-7000-52c6-8ee95190c3a7
Timestamp: 2018-12-10T19:54:00.886Z
App name: Office 365 SharePoint Online
App id: 00000003-0000-0ff1-ce00-000000000000
IP address: 10.10.10.10
Device identifier: Not available
Device platform: Windows 10
Device state: Unregistered
Advanced diagnostics: Enable
If you plan on getting support for an issue, turn this on and try to reproduce the error. This will collect additional information that will help troubleshoot the issue.

References

FIXED – Uncaught (in promise) SyntaxError: Unexpected token < in JSON at position 0

When coding JavaScript with SP-PNP-JS I came across the error below and wanted to document for others.  Cheers! 

shades_smile

Error

Uncaught (in promise) SyntaxError: Unexpected token < in JSON at position 0

image
image
image

Root Cause

When calling HTTP GET the default Header “accept: application/json” can return data as XML.  

Use F12 Developer Tools to view network traffic with HTTP headers and raw response text.

Solution

Modify JS code to initialize AngularJS with different HTTP headers.

Now SharePoint PNP api calls with Header “accept: application/json; odata=verbose” and returns data as JSON for correct parsing.

$pnp.setup({
	headers: {
		"Accept": "application/json; odata=verbose"
	}
});
image

References

VIDEO – Disable Legacy Auth & Connect PNP

Even with Legacy auth disabled, you can successfully run Connect-PNPOnline. Video demo shows changing SPO tenant security, then how to register new AppId for Connect-PNPOnline access to all site collections in tenant.   The “AppRegNew” and “AppInv” ASPX pages can be used to establish authentication channel for PowerShell work in PNP on Office 365 tenants where Legacy Auth is disabled. Cheers! 

shades_smile

Video

Code

# Check SPO
Connect-SPOService "https://spjeff-admin.sharepoint.com"
Get-SPOTenant | Select *legacy* | ft

# 2) Disable Legacy
Set-SPOTenant -LegacyAuthProtocolsEnabled $false
Get-SPOTenant | Select *legacy* | ft

# 3) Register App
# https://spjeff-admin.sharepoint.com/_layouts/15/appregnew.aspx

# 4) Invite App
# https://spjeff-admin.sharepoint.com/_layouts/15/appinv.aspx

# 5) PNP Login
Connect-PNPOnline -AppId "e419e703-5293-402c-bb70-3aff593b850b" -AppSecret "secret-here"
$w = Get-PNPWeb
Get-PNPList -Web $w

References

-LegacyAuthProtocolsEnabled

By default this value is set to $True. Setting this parameter prevents Office clients using non-modern authentication protocols from accessing SharePoint Online resources. A value of True- Enables Office clients using non-modern authentication protocols (such as, Forms-Based Authentication (FBA) or Identity Client Runtime Library (IDCRL)) to access SharePoint resources. A value of False-Prevents Office clients using non-modern authentication protocols from accessing SharePoint Online resources. Note This may also prevent third-party apps from accessing SharePoint Online resources. Also, this will also block apps using the SharePointOnlineCredentials class to access SharePoint Online resources. For additional information about SharePointOnlineCredentials, see SharePointOnlineCredentials class.

Tenant Full Control


  

Site Collection


  

© Copyright 2016
@ SPJeff

Return to Top ▲Return to Top ▲