We are using the Azure App Registration as a security principle, used to get the bearer token when making api requests in Postman.
API permissions we have:
Sites.FullControl.All
Sites.Manage.All
Sites.ReadWrite.All
Sites.Selected
Here is the code snippet of the way I am responding at the moment
Code from my Azure function :
if($Request.Query.validationtoken){
# If the Request's payload includes a validation token, then this is a validation request send by SharePoint List as part of the creation of a
#Subscription to its notifications., In which case, send a 200 Response back and include the token.
$tokenVal = $Request.Query.validationtoken
Write-Host "##################################################################"
Write-Host "Validation Token: " $tokenVal
Write-Host "##################################################################"
# Send the response, ensuring that the validation token is sent as plain text
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Headers = @{
"Content-Type" = "text/plain"
}
Body = $tokenVal
})
}
Here is the 400 Error and the XML I get from sending that request. The request seems to do half of the job, and it fails on its way back to SharePoint.
So to summarise the problem at hand: Postman initiates the create subscription request with SharePoint, which succeeds. SharePoint then sends a validation request to Azure Function, which triggers the function, the function then sends a response back which includes the validation token but then this error is returned to Postman:
<?xml version="1.0" encoding="utf-8"?>
<m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata">
<m:code>-1, System.InvalidOperationException</m:code>
<m:message xml:lang="en-US">Failed to validate the notification URL 'https://fa-alantest-rnd-uks.azurewebsites.net/api/SPO_Webhook?code=****************************'.</m:message>
</m:error>
the *’s are for the redacted code.
We are able to interact with the list for example get a person from the list using the same security principle, however, we are unable to set up a subscription.
We are expecting a 201 back from SharePoint into Postman to indicate that the subscription has been created successfully, together with the details of the new subscription such as the new subscription ID
Let me know if you need any more information. Thanks in advance 🙂
natalia is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.