Accessing Sharepoint Project web app REST from sep

2019-08-02 00:40发布

问题:

I need to connect to our corporate PWA. This is the code I'm using:

// var endpointUrl = 'https://<companySite>.sharepoint.com/sites/pwa/_api/web/lists';
var endpointUrl = 'https://<companySite>.sharepoint.com/sites/pwa/_api/ProjectData/Projects?$select=ProjectName';
var xhr = new XMLHttpRequest();
xhr.open("GET", endpointUrl);

// The APIs require an OAuth access token in the Authorization header, formatted like this: 'Authorization: Bearer <token>'. 
xhr.setRequestHeader("Authorization", "Bearer " + token);
xhr.setRequestHeader("Accept", "application/json");

$("#header").html("Requesting: " + endpointUrl);

// Process the response from the API.  
xhr.onload = function () {
  if (xhr.status == 200) {
     var formattedResponse = JSON.stringify(JSON.parse(xhr.response), undefined, 2);
           $("#results").html("<pre>" + formattedResponse + "</pre>");
         } else {
           $("#results").html("HTTP " + xhr.status + "<br>" + xhr.response);
         }
     }

   // Make request.
   xhr.send();

I've tried also a few different ways, all using Bearer token.

The problem is that this code works for accessing https://<companySite>.sharepoint.com/sites/pwa/_api/web/lists but doesn't for https://<companySite>.sharepoint.com/sites/pwa/_api/ProjectData/Projects?$select=ProjectName

For the latter it returns:

{"odata.error":{"code":"20010, Microsoft.ProjectServer.PJClientCallableException","message":{"lang":"en-US","value":"GeneralSecurityAccessDenied"}}} 

What could be the possible problem?

I know that my token is correct, as it works for accessing */web/lists. I also know that the url is correct, as I can open it in my browser (providing that I'm logged in into sharepoint)

回答1:

You need to use a FormDigestValue.

Make a GET call to .../_api/contextinfo and store the value of 'FormDigestValue'. Then for all your other calls, add a header of X-RequestDigest: <FormDigestValue>