While calling SharePoint Online APIs with Azure AD App-Only access using certificate authentication, we were getting an Access Denied exception.
We were creating the ClientContext using the AuthenticationManager class of the PnP Framework with certificate authentication, as shown below.


This was because the console app was trying to create a key in the MachineKeys folder, and the user running it did not have Write access to that folder:
C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys

We provided the Write access, which fixed the issue.
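
One way to confirm the missing permission and apply the fix from PowerShell, as an added example that is not part of the original post. The account name is a placeholder assumption, and the grant is limited to Write on the folder itself for that single account.

```powershell
# Added example. Assumption: $Account is the identity that runs the console app
# (placeholder name, replace with your own).
$Account     = 'CONTOSO\svc-spo-console'
$MachineKeys = Join-Path $env:ProgramData 'Microsoft\Crypto\RSA\MachineKeys'

# List the current access rules on the folder.
function Show-MachineKeysAcl {
    (Get-Acl -Path $MachineKeys).Access |
        Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited
}

# Run as the app's account: try to create (then delete) an empty probe file.
function Test-MachineKeysWrite {
    $probe = Join-Path $MachineKeys ('probe_' + [guid]::NewGuid().ToString('N'))
    try {
        [System.IO.File]::WriteAllText($probe, '')
        Remove-Item -LiteralPath $probe -Force
        return $true
    } catch {
        Write-Warning "Cannot create files in ${MachineKeys}: $($_.Exception.Message)"
        return $false
    }
}

# Run elevated: allow Write for that one account, on the folder itself only
# (no inheritance, so ACLs on existing key files are unchanged).
function Grant-MachineKeysWrite {
    param([Parameter(Mandatory)][string]$Identity)
    $acl  = Get-Acl -Path $MachineKeys
    $rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
        $Identity,
        [System.Security.AccessControl.FileSystemRights]::Write,
        [System.Security.AccessControl.InheritanceFlags]::None,
        [System.Security.AccessControl.PropagationFlags]::None,
        [System.Security.AccessControl.AccessControlType]::Allow)
    $acl.AddAccessRule($rule)
    Set-Acl -Path $MachineKeys -AclObject $acl
}

# The write test reflects the identity of the current session.
Show-MachineKeysAcl | Format-Table -AutoSize
if (-not (Test-MachineKeysWrite)) {
    Grant-MachineKeysWrite -Identity $Account
    Show-MachineKeysAcl | Format-Table -AutoSize
}
```

Run the write test in a session under the app's account, since an administrator session will usually pass it regardless of the app account's rights.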

We can see the keys added to that folder, and the SharePoint Online APIs are called successfully.

Hope it helps.
