Microsoft Credentials

Questions
,
1

Issue configuring SharePoint credentials in n8n

I’m struggling to properly configure SharePoint credentials in n8n and I’m not sure whether they should be set up via the Microsoft SharePoint credential or directly via Azure Entra ID (Azure AD). In both cases, the credentials can be created and validated successfully in n8n, but when I use them in my workflows, I don’t get access to the content inside SharePoint. I’m unable to list sites, document libraries, or folders, even though they already exist. I also don’t get any explicit error or logs to understand what’s failing, which makes it hard to troubleshoot. At this point, it’s unclear whether the issue comes from missing permissions, an incorrect credential type, or an additional configuration required on the SharePoint or Azure side.

Any advices ?

2

Hi @Lucas28

This usually comes down to permissions and API scope, not the credential type itself.

Recommended setup:

  • Use Azure Entra ID (Azure AD) App Registration credentials in n8n (this is the most reliable option).
  • Make sure the app has Microsoft Graph Application permissions, not only Delegated.

Key permissions to check (Application permissions):

  • Sites.Read.All (minimum)
  • Sites.ReadWrite.All (if you need write access)

After adding permissions:

  1. Grant admin consent in Entra ID (this is mandatory).
  2. Verify the SharePoint site is accessible via Graph (some sites are private by default).
  3. In n8n, reference the site using the site ID or full site path, not just the display name.

If credentials validate but list operations return nothing, it almost always means:

  • Admin consent was not granted, or
  • The app does not have access to that specific site collection.

Using the SharePoint credential type without proper Graph permissions often validates but cannot enumerate content.

3

Hey! Thanks for the reply. I’m now getting a 403 error. I saw a post in the community and granted the permission Directory.Read.All, but it still doesn’t work and I still can’t load the list.
Do you have any further information on what permissions/settings are required?

4

@Lucas28

Can you share the body of the 403 error returned by the node (with any sensitive info redacted)?

5

“Could not load list

403 - Forbidden

Access denied

Check your credential”

6

Is the site private and has the app been explicitly granted access to it?

That error message indicates your Azure Entra ID app doesn’t have effective permissions yet. You need to grant your App Registration direct access to the site, for example via PowerShell:

Connect-PnPOnline -Url https://TENANT.sharepoint.com/sites/SITE -Interactive
Grant-PnPAzureADAppSitePermission `
  -AppId "CLIENT_ID_DO_APP" `
  -DisplayName "n8n App" `
  -Site https://TENANT.sharepoint.com/sites/SITE `
  -Permissions Read

This should give your app the necessary permissions to access the private site. Give it a try and let me know if that resolves the issue!

7

Hello,

The Azure app has all the required Microsoft Graph permissions, and admin consent has been granted. However, we are still unable to connect n8n to our SharePoint.

Could you please advise on what might be missing?

Thx in advance

8

Hi @Lucas28 ! To help you better can you share a few screenshots?

The API permissions page in Azure showing all the permissions and the admin consent status, the credential settings in n8n (with sensitive info hidden), and the full error message returned by the node, not just the 403 summary. With those three it’ll be much easier to spot what’s going on!

9

Hey !

Here it is :

ca1528fa-19e5-4a47-ad81-4e8dfd76f11d
ca1528fa-19e5-4a47-ad81-4e8dfd76f11d1343×471 19.5 KB

1163×731 37.9 KB
In the node execution i don’t have any other info :
Could not load list 403 - Forbidden Access denied Check your credential

10

Hi @Lucas28
Thanks for the screenshots. This looks like the app is authenticated but not authorized for the specific SharePoint site, meaning the exact site URL. I’d confirm whether this is a private SharePoint site and make sure the app has explicit access to that exact site URL, and also verify that the permission type in Azure, Application versus Delegated, matches the OAuth flow you’re using in n8n, because a mismatch there can also result in this 403.