microsoftgraph
Guest User Receives 401 "accessDenied" Error When Accessing Shared Files via Microsoft Graph API Despite Valid Authentication
Refernce similar to this in Sharepoint: https://github.com/OneDrive/onedrive-api-docs/issues/1039
Pattern of failure: Initial API calls fail with 401 After manually visiting the file through SharePoint web UI, API calls work temporarily (1-4 hours) API calls then fail again after a period of inactivity Web UI access requires device code authentication flow What works: ✅ Basic Microsoft Graph calls (/me) succeed ✅ Accessing files through SharePoint web UI works ✅ Token refresh succeeds and produces valid access tokens What fails: ❌ Microsoft Graph API calls to /shares/{share-id}/driveItem
Issue Type: Microsoft Graph API Authentication Affected Service: SharePoint Online for Business User Type: Guest User (External/Cross-Tenant) Authentication Method: OAuth 2.0 with Refresh Token API Endpoint: /shares/{share-id}/driveItem
Problem Description: As a guest user in your tenant, I am unable to programmatically access shared files via the Microsoft Graph API, despite having:
Valid authentication tokens Proper API permissions granted Ability to access the same files through the web UI
Detailed Symptoms:
API calls fail with 401 error:
{ "error": { "code": "accessDenied", "message": "There has been an error authenticating the request." } }
