TransWikia.com

Using Sharepoint Search REST POST API: getting 403 error from HttpWebRequest

SharePoint Asked on January 11, 2021

I am trying to use the SharePoint Search REST API to do a content search from my c# application. I have no problem using the GET method, but the POST method keeps returning a 403 forbidden error. Here is the code I am using to POST:

HttpWebRequest endpointRequest = (HttpWebRequest)HttpWebRequest.Create(queryString);
endpointRequest.Method = "POST";
endpointRequest.Accept = "application/json; odata=verbose";
endpointRequest.ContentType = "application/json; odata=verbose";
endpointRequest.ContentLength = searchTerm.Length;
endpointRequest.UseDefaultCredentials = true;

StreamWriter writer = new StreamWriter(endpointRequest.GetRequestStream());
writer.Write(searchTerm);
writer.Flush();

HttpWebResponse endpointResponse = (HttpWebResponse)endpointRequest.GetResponse();

Stream webStream = endpointResponse.GetResponseStream();
StreamReader responseReader = new StreamReader(webStream);

I know this is an error with validation, and we are authenticating with activeDirectory. What am I missing in the headers to get this search to work?

developmentpostsharepoint rest apisharepoint searchsharepoint server

One Answer

You need to set the value of the X-Request-Digest header with the X-Request-Digest value you get from the contextinfo endpoint to make POST requests using the REST api.

See this thread: https://social.msdn.microsoft.com/Forums/sqlserver/en-US/40833576-5853-4ca4-95cf-b5b1d69f465f/sharepoint-rest-and-c-sample-to-update-list-item?forum=sharepointdevelopment

Here is the code example provided at the above link:

public static string GetFormDigest()
 {
        string  formDigest = null;

        string resourceUrl = "http://basesmc15/_api/contextinfo";
        HttpWebRequest wreq = HttpWebRequest.Create(resourceUrl) as HttpWebRequest;
        wreq.UseDefaultCredentials = true;
        wreq.Method = "POST";
        wreq.Accept = "application/json;odata=verbose";
        wreq.ContentLength = 0;
        wreq.ContentType = "application/json";
        string result;
        WebResponse wresp = wreq.GetResponse();

        using (StreamReader sr = new StreamReader(wresp.GetResponseStream()))
        {
            result = sr.ReadToEnd();
        }

        var jss = new JavaScriptSerializer();
        var val = jss.Deserialize<Dictionary<string,object>>(result);
        var d = val["d"] as Dictionary<string, object>;
        var wi = d["GetContextWebInformation"] as Dictionary<string, object>;
        formDigest = wi["FormDigestValue"].ToString();

        return formDigest;

 }

 public static void UpdateListItem()
 {
        string result = string.Empty;
        Uri uri = new Uri("http://basesmc15/_api/web/lists/getbytitle('testlist')/items(1)");
        HttpWebRequest wreq = (HttpWebRequest)WebRequest.Create(uri);
        wreq.Credentials = CredentialCache.DefaultNetworkCredentials;

        wreq.Method = "POST";
        wreq.Accept = "application/json; odata=verbose";
        wreq.ContentType = "application/json; odata=verbose";
        wreq.Headers.Add( "X-HTTP-Method","MERGE");
        wreq.Headers.Add(  "IF-MATCH", "*");
        wreq.Headers.Add("X-RequestDigest",GetFormDigest());
        wreq.Headers.Add("Authorization", "BEARER" + formDigest);

        string stringData = "{'__metadata': { 'type': 'SP.Data.TestlistListItem' }, 'Title': 'whatever'}";
        wreq.ContentLength = stringData.Length;
        StreamWriter writer = new StreamWriter(wreq.GetRequestStream());
        writer.Write(stringData);
        writer.Flush();

        WebResponse wresp = wreq.GetResponse();
        using (StreamReader sr = new StreamReader(wresp.GetResponseStream()))
        {
            result = sr.ReadToEnd();
        }


 }

Correct answer by James11 on January 11, 2021

Add your own answers!

Ask a Question

Get help from others!

Recent Questions

Recent Answers

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP