
Couldn't install the starter kit - I'm getting (403) Forbidden error

Open muges01 opened this issue 6 years ago • 62 comments

Hi,

I'm trying to install the new SharePoint Starter Kit in my tenant but I'm getting a 403 error. Can anyone please guide me on installing this starter kit?

image

Category

  • [ ] Question
  • [X] Bug
  • [ ] Enhancement

Expected or Desired Behavior

Expecting to install the SharePoint starter kit in my tenant.

Observed Behavior

I'm getting the 'The remote server returned an error: (403) Forbidden.' error when I run the following PowerShell command

'Apply-PnPProvisioningHierarchy -Path starterkit.pnp -Parameters @{"SiteUrlPrefix"="demo_"}'

Note: I'm using a global administrator credential (MSA enabled account) to run the PowerShell.

Steps to Reproduce

  1. Open SharePoint Online Management PowerShell
  2. Run 'Connect-PnPOnline [Tenant URL] -UseWebLogin'
  3. Enter the user credential which has global administrator access
  4. Run 'Apply-PnPProvisioningHierarchy -Path starterkit.pnp -Parameters @{"SiteUrlPrefix"="demo_"}'

Note: I'm using the 'PnP PowerShell for SharePoint Online' version '3.2.1810.0'

Thank you in advance.

muges01 avatar Oct 14 '18 00:10 muges01

Additional Observed Behavior

I have tested this on a tenant which doesn't have MSA enabled and it is working fine.

image

Looks like the issue is with the tenant which has the MSA enabled.

Thank you

muges01 avatar Oct 15 '18 14:10 muges01

Looking for an update on this, encountering the same issue.

ZGremlin avatar Oct 17 '18 16:10 ZGremlin

Same issue for me too. Worse than that: I tried to apply the starter kit in a new Office 365 tenant (created with the developer program, so without MSA enabled) and I have the same behavior...

michaelmaillot avatar Oct 18 '18 17:10 michaelmaillot

Anybody found any solution for this issue yet?

muges01 avatar Oct 23 '18 20:10 muges01

> Anybody found any solution for this issue yet?

Unfortunately, no. Nothing yet.

ZGremlin avatar Oct 23 '18 21:10 ZGremlin

Thank you @JeremySColeman I hope someone will be able to help us here. It looks like something to do with MSA enabled environment.

muges01 avatar Oct 23 '18 21:10 muges01

Hi @VesaJuvonen

I have run the script again and these are the exception details

image

Please let me know, if you need any further information.

muges01 avatar Oct 25 '18 19:10 muges01

Hi @muges01 - this indicates one of two things. You do not have app catalog created in your tenant OR you do not have site collection administrator permissions in the app catalog for some reason. Can you check those? Thx.

VesaJuvonen avatar Oct 26 '18 06:10 VesaJuvonen

Hi @VesaJuvonen

I have the same error as @muges01 despite the fact that I am administrator (both site collection and tenant) and I have an App Catalog...

michaelmaillot avatar Oct 26 '18 06:10 michaelmaillot

Hi @VesaJuvonen,

I have checked the two things that you have asked me to clarify.

  1. I have an app catalog and I have uploaded other SPFx solutions to the app catalog successfully
  2. I have site collection administrator permission on the App catalog site

Please let me know, if you need any other details.

Thank you

muges01 avatar Oct 26 '18 14:10 muges01

Thank you @michaelmaillot for the info

muges01 avatar Oct 26 '18 14:10 muges01

> Hi @muges01 - this indicates one of two things. You do not have app catalog created in your tenant OR you do not have site collection administrator permissions in the app catalog for some reason. Can you check those? Thx.

@VesaJuvonen In my case I am not only a Global Admin but also an explicit Site Collection administrator for all collections on the tenant. Our App Catalog is several years old and has several apps installed. Additionally I verified that I am a Term Store admin and the user profile attribute was created prior to testing.

I tested with my admin account as well as with the default tenant admin account, no luck.

Thanks for the assistance!

ZGremlin avatar Oct 29 '18 14:10 ZGremlin

@muges01 - Can you test the following - ensure that you do not have the sppkg file in the app catalog... so delete it if it's there. Try re-installation. Share the app catalog status and if the sppkg file is now there.

@JeremySColeman - Can you share the exception details that you get... or is that the same as what was already mentioned above?

Thx.

VesaJuvonen avatar Nov 01 '18 08:11 VesaJuvonen

Hi @VesaJuvonen ,

Sorry for the delay. I have checked my app catalog and there is no sppkg file deployed.

Thank you

muges01 avatar Nov 01 '18 22:11 muges01

Hi @muges01 To make sure we can (from code) actually resolve the URL of the appcatalog, can you in PowerShell execute the following cmdlet:

Get-PnPTenantAppCatalogUrl

It should return the url to your appcatalog site.

erwinvanhunen avatar Nov 02 '18 13:11 erwinvanhunen

Hi @erwinvanhunen ,

Here is the url of my app catalog https://[tenant].sharepoint.com/sites/appcatalog

image

Thank you

muges01 avatar Nov 02 '18 17:11 muges01

> @muges01 - Can you test the following - ensure that you do not have the sppkg file in the app catalog... so delete it if it's there. Try re-installation. Share the app catalog status and if the sppkg file is now there.
>
> @JeremySColeman - Can you share the exception details that you get... or is that the same as what was already mentioned above?
>
> Thx.

The exception I get is identical to the original post screenshot

ZGremlin avatar Nov 09 '18 22:11 ZGremlin

Hi @VesaJuvonen,

Any updates regarding this issue?

Thank you in advance

muges01 avatar Nov 15 '18 15:11 muges01

Hi @VesaJuvonen

I have the same issue. If it's any help, it seems that the 403 comes from a POST to /_vti_bin/sites.asmx method GetUpdatedFormDigestInformation?

Thanks :-)

MortenPedersenDK avatar Nov 21 '18 09:11 MortenPedersenDK

Hi guys,

Any updates on this issue? It's been so long, any suggestion for a workaround will be good as well.

muges01 avatar Nov 22 '18 16:11 muges01

I noticed that Apply-PnPProvisioningHierarchy has been deprecated. So I tried Apply-PnPTenantTemplate instead, but with the same outcome. 403 on POST to /_vti_bin/sites.asmx.

MortenPedersenDK avatar Nov 23 '18 10:11 MortenPedersenDK

Hi @VesaJuvonen,

Is there any update on this issue?

muges01 avatar Nov 29 '18 16:11 muges01

Any update on this? I've received both 401 and 403 errors.

tbennett122 avatar Dec 04 '18 20:12 tbennett122

We are trying to repro this. Anyone up for a remote desktop session where we look into your issue from a debug side of the story?

erwinvanhunen avatar Dec 07 '18 13:12 erwinvanhunen

> We are trying to repro this. Anyone up for a remote desktop session where we look into your issue from a debug side of the story?

@erwinvanhunen I am getting this now. Can do RD session.

maxali avatar Dec 07 '18 13:12 maxali

@erwinvanhunen I also can do screen share session as well.

muges01 avatar Dec 07 '18 14:12 muges01

Using App Password works fine. Ex: Connect-PnPOnline -Url $tenant-admin.sharepoint.com -Credentials (Get-Credential) and use your App Password

I get (403) Forbidden when I connect using Connect-PnPOnline -UseWebLogin

And (401) Unauthorized when I connect using Connect-PnPOnline -AppId $appId -AppSecret $appSecret

I am guessing that the token returned from ... -UseWebLogin request is connected to $tenant-admin.sharepoint.com and can not be used for SPWebs in <SiteCollections> node.

maxali avatar Dec 07 '18 15:12 maxali
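The workaround and checks discussed in this thread, combined into one diagnostic run (an added example, not code posted by any participant or by the project). The tenant name `contoso` is a placeholder and the template path is assumed to be the current directory; on a failure the script reports the HTTP status and the URL that returned it.

```powershell
# Added example. Assumptions: tenant name is a placeholder, starterkit.pnp
# sits in the current directory, PnP PowerShell is already installed.
$tenant   = "contoso"                     # placeholder tenant name
$adminUrl = "https://${tenant}-admin.sharepoint.com"

# Credential-based connection as described above (app password entered at the prompt)
$cred = Get-Credential
Connect-PnPOnline -Url $adminUrl -Credentials $cred

# Check suggested earlier in the thread: the app catalog URL must resolve
$catalog = Get-PnPTenantAppCatalogUrl
if (-not $catalog) {
    throw "Get-PnPTenantAppCatalogUrl returned nothing; no tenant app catalog resolved."
}
Write-Host "App catalog: $catalog"

try {
    # Older builds named in this thread use Apply-PnPProvisioningHierarchy instead
    Apply-PnPTenantTemplate -Path .\starterkit.pnp `
        -Parameters @{ "SiteUrlPrefix" = "demo_" } -ErrorAction Stop
    Write-Host "Template applied."
}
catch {
    # Walk to the innermost exception; a 401/403 surfaces as a WebException
    $ex = $_.Exception
    while ($ex.InnerException) { $ex = $ex.InnerException }

    if ($ex -is [System.Net.WebException] -and $ex.Response) {
        $resp = [System.Net.HttpWebResponse]$ex.Response
        Write-Warning ("HTTP {0} {1} from {2}" -f `
            [int]$resp.StatusCode, $resp.StatusDescription, $resp.ResponseUri)
    }
    else {
        Write-Warning $ex.Message
    }
    throw
}
```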

Hi @maxali,

So if we use the app password, we should be able to install the starter kit without any issue. Is that correct?

muges01 avatar Dec 07 '18 15:12 muges01

> Hi @maxali,
>
> So if we use the app password, we should be able to install the starter kit without any issue. Is that correct?

It seems so @muges01 . I got it working with App Password.

maxali avatar Dec 07 '18 16:12 maxali

Hi @maxali ,

I tried to use the App Password. I'm not getting the 403 Forbidden error anymore but I'm getting the following error: image

What am I missing here?

muges01 avatar Dec 08 '18 15:12 muges01