Sharepoint online spoke - 401 - Invalid username/password combo

magnushedlu
Tera Guru

‎05-16-2025 12:56 AM

We are trying to set up the Sharepoint Online API (Spoke) but are having issues.


We have followed all steps as described in the guide (Configure Microsoft SharePoint Online connection record) and we are getting the oauth token successfully.
But when doing a simple actions such as "get list" we get "method failed" with the message "401 - Invalid username/password combo". 

Any ideas on what the issue could be? We have tried to grant the api with as high permissions as possible in Azure but still same problem.

Can it be an issue that we are using a mid server? 

0 Helpfuls
  • 581 Views
4 REPLIES 4

Aditya02
Tera Guru

‎07-10-2025 05:28 AM

hello @magnushedlu 

 

I too facing the same issue did you find any solution for this..

0 Helpfuls

magnushedlu
Tera Guru
In response to Aditya02

‎07-28-2025 02:29 AM

Hi,

 

In our case we got this resolved by also configuring the SharePoint Graph spoke even though we do not need to use any of the actions included in that spoke. This was the recommended resolution from Servicenow support. So in case you have not configured that spoke you can try and see if this resolves it for you as well. 

0 Helpfuls

wbmashburn
Tera Contributor
In response to magnushedlu

‎07-29-2025 06:18 AM

We already have the graph spoke set up and I'm still getting the same 401 error. Any other ideas?

0 Helpfuls

Paul Kunze
Tera Guru

Tuesday

Hello, let me share what helped for us.

We had the same issue and needed a lot of time to find the reason because the ServiceNow documentation is incomplete. We found some hints on support pages, forums and in the Microsoft documentation.

 

If you are using the permission type "Sites.Selected" then you need to grant access from your Azure app registry to the SharePoint site by executing a REST call. If you don't do this, you will always get a 401 error.

 

This is the needed form and content of the REST call:

POST https://graph.microsoft.com/v1.0/sites/{sitesId}/permissions
Content-Type: application/json

{
  "roles": ["write"],
  "grantedToIdentities": [{
    "application": {
      "id": "your-client-id",
      "displayName": "your-app-reg-name"
    }
  }]
}

 

The roles can be "read", "write" or "owner". After you did this once for the site, the API calls from the SharePoint spoke should be successful (if everything else is setup correctly).

It is taken from the official Microsoft documentation: https://learn.microsoft.com/en-gb/graph/api/site-post-permissions

 

0 Helpfuls