People Search REST API 401 Response

[kristen-argent]

Target SharePoint environment

SharePoint Online

What SharePoint development model, framework, SDK or API is this about?

SharePoint REST API

Developer environment

Windows

What browser(s) / client(s) have you tested

• 💥 Internet Explorer
• 💥 Microsoft Edge
• 💥 Google Chrome
• 💥 FireFox
• 💥 Safari
• mobile (iOS/iPadOS)
• mobile (Android)
• not applicable
• other (enter in the "Additional environment details" area below)

Additional environment details

Hitting the API in any way

Describe the bug / error

We have developed an application that makes use of the rest search API - until Tuesday this was working well in all environments.

Since then it has ceased working in some environments (Australian) and is now returning a 401 Unauthorized response.
It continues to work in two of our tenants (US based)

We use sourceId=B09A7990-05EA-4AF9-81EF-EDFAB16C4E31.

The query is being run by the application entra id, not using a user token.
Hitting search api without the source id filter also works correctly.

Steps to reproduce

Request URL with app token.

https://___.sharepoint.com/_api/search/query?querytext=%27user%27&sourceid=%27b09a7990-05ea-4af9-81ef-edfab16c4e31%i27

Expected behavior

Search results returned

[Ashlesha-MSFT]

Hello @kristen-argent,
Thank you for bringing this issue to our attention. We will look into it and get back to you shortly.

[Ashlesha-MSFT]

@kristen-argent,

We were unable to reproduce the issue in our tenant. To assist further, could you please share the tenant details? This will help us escalate and investigate the matter more effectively with our engineering team.

[kristen-argent]

@Ashlesha-MSFT

The tenant with issues:

The tenant still working:

[kristen-argent]

@Ashlesha-MSFT any update on this issue? Looks like you have been able to reproduce after the tenant information was provided? Are we likely to see a fix soon?

[Ashlesha-MSFT]

@kristen-argent,
We’ve logged this issue as a bug already, and our engineering team is currently investigating it.
They’re working on a fix and it should be addressed soon.

[MortenPedersenDK]

Not sure if it is related, but in some tenants I get 401 Unauthorized when calling the Search REST API like below, while in other tenants I do not.

https://tenant.sharepoint.com/sites/intranet/_api/search/query?querytext=%27DepartmentId:98459155-b50b-431b-968c-b6d9aedeeb65%20contentclass:STS_Site%27&selectproperties=%27Path,ContentClass,SiteId%27

I have checked the App registration in entra, and they are 100% identical.

I use HttpClient for the call, using Bearer token like this:

var url = baseUrl + $"/_api/search/query?querytext=%27DepartmentId:{hubId.ToString()}%20contentclass:STS_Site%27&selectproperties=%27Path,ContentClass,SiteId%27";
var req = new HttpRequestMessage(HttpMethod.Get, url);
var token = ctx.GetAccessToken();
req.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token);
HttpClient http = new HttpClient();
http.DefaultRequestHeaders.Accept.Clear();
http.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

var response = await http.SendAsync(req);
string json = await response.Content.ReadAsStringAsync();

On the failing tenants I get this response:

{"odata.error":{"code":"-1, Microsoft.Office.Server.Search.REST.SearchServiceException","message":{"lang":"da-DK","value":"Uautoriseret."}}}

[VesaJuvonen]

This was an issue on the Microsoft yesterday, which was also logged at the tenant status updates. Issue has been resolved. You can find a b it more details on the following GitHub issue where this was also discussed in the context of PnP search web parts - microsoft-search/pnp-modern-search#4361.

Closing as resolved.

[kristen-argent]

@VesaJuvonen with all due respect this issue was completely different from the issue yesterday and is still occurring. I would like this issue re opened as I believe there is a fix being developed as per @Ashlesha-MSFT.
The fact that this issue was closed without even verification from my side is completely ridiculous.
If it’s not reopened I’ll be raising another bug shortly.