Search This Blog

Monday, December 16, 2013

SharePoint App Model: Viability on public facing websites including Office 365


Failed to get data. Error: Access denied. You do not have permission to perform this action or access this resource.


Well when one thinks of deploying their SharePoint apps (those which interact with SharePoint lists and libraries) on public facing websites there’s a challenge that one gets stuck into. The anonymous users by default do not have access to the Client Side Object Model (by default) nor to the REST API. There’s a solution of enabling the CSOM access for the anonymous users in 2 ways: first, go to Site Settings / Site Permissions and then click the Anonymous Access button on the ribbon.  There’s a checkbox which says “Require Use Remote Interfaces permission” uncheck it and click OK. The second method one can set the same property is by using a PowerShell command UpdateClientObjectModelUseRemoteAPIsPermissionSetting

Using any one of the above described methods the CSOM access by the anonymous users is enabled and the anonymous users can have access to the SharePoint Lists and libraries. When one removes the required remote interface permission for an anonymous site, the entire CSOM is available to anonymous users but that does not mean the entire site can be accessed by the anonymous user rather the SharePoint permissions still apply and can be used to restrict access to confidential/important data that does not need to be shared with such users.

This is the situation when one is using a public facing SharePoint site but this does not apply to an Office 365 public facing site wherein there’s a limitation. A SharePoint app (that interacts with SharePoint lists and libraries) does not work on an office 365 public facing site for anonymous users by default. There’s a solution though: a sandbox solution can be made for enabling the anonymous access on Office 365 public facing site (as far as possible). For more information on this one can visit the following URL:

No comments:

Post a Comment