“Token type is not allowed” Error when Invoking SharePoint REST API

~ clavinfernandes

Recently I blogged on how to “Invoke SharePoint REST API from Power Automate Desktop”, in the blog we are granting Power Automate Desktop Application access using SharePoint App-Only Authentication.

All worked well for me, however one of my subscribers complained that they are getting the error below –

{"error":"invalid_request","error_description":"Token type is not allowed."}

As a first step of troubleshooting, I requested them to check if they are facing the same problem using a REST Client(Postman) and this confirmed that the problem is not really related to Power Automate Desktop.

On Investigating further, I found that Microsoft has rolled out a change to all SharePoint Online tenants created on or after August 2020 which restricted App-Only Authentication. Tenants created before this time work just fine.

Fortunately the tenant’s behaviour can be changed as follows:

  Get-Module -Name Microsoft.Online.SharePoint.PowerShell -ListAvailable | Select Name,Version

Please note that upgrading an old Management Shell can be problematic. Please see this blog post for more details. 

  • Launch the ‘SharePoint Online Management Shell’ as Administrator.
  • Connect to your environment’s tenant admin URL using the following command.
Connect-SPOService -Url https://tenant-admin.sharepoint.com

Make sure you replace the URL with your tenant name and include the ‘-admin’ suffix. You will be asked to login, please make sure the credentials for a SharePoint admin are specified. (You may need to reach out to your SharePoint Online support team in order to make this change).
 

  • Execute the following command to make the change
    Set-SPOTenant -DisableCustomAppAuthentication $false

Please note that it may take 5 minutes for this change to take effect. 

Subscribe to this blog for the latest updates about SharePoint Online, Nintex, Microsoft Flow, Power Apps, and document conversion and manipulation.

Published by clavinfernandes

I am Clavin Fernandes and I work as a Technical consultant at Rapid Circle and Technical Support Manager for Muhimbi Ltd – Home of the PDF Converter for SharePoint / Office 365/ Power Platform.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s