SharePoint Node returns 403 Forbidden in n8n Cloud - How to fix?

Questions
1

Problem

I’m getting 403 Forbidden errors when using the SharePoint node in n8n Cloud to access our SharePoint/OneDrive files. The built-in n8n Cloud SharePoint credential connects successfully but fails on any actual data access.

Root Cause

After investigation, I found that n8n Cloud’s built-in SharePoint OAuth2 credential only has the User.Read permission. This is insufficient for accessing files, lists, or any SharePoint content.

What I’ve Tried

  1. Used the default “Microsoft SharePoint OAuth2 API” credential in n8n Cloud

  2. Connection shows as successful (green checkmark)

  3. But any operation (Download File, Get Items, etc.) returns: 403 - Forbidden

The Issue

The SharePoint node in n8n Cloud is hardcoded to only accept n8n’s pre-built SharePoint credential, which lacks the necessary permissions.

My Workaround Attempt

I created my own Azure AD app registration with extensive permissions to rule out any permission issues:

Microsoft Graph - Delegated:

  • Files.Read.All / Files.ReadWrite.All

  • Sites.Read.All / Sites.ReadWrite.All

  • Mail.Read / Mail.ReadWrite (and variations)

  • Directory.Read.All / Directory.ReadWrite.All

  • offline_access

  • User.Read

Office 365 SharePoint Online - Delegated:

  • AllSites.Read / AllSites.Write / AllSites.Manage / AllSites.FullControl

  • MyFiles.Read / MyFiles.Write

  • Sites.Search.All

  • User.Read.All / User.ReadWrite.All

Microsoft Graph - Application (for automation):

  • Files.Read.All / Files.ReadWrite.All

  • Sites.Read.All / Sites.ReadWrite.All / Sites.Manage.All / Sites.FullControl.All

  • Mail.Read / Mail.Send

  • Directory.Read.All / Directory.ReadWrite.All

All permissions have been granted admin consent (green checkmarks in Azure AD).

However, the SharePoint node in n8n Cloud doesn’t recognize my custom OAuth2 credential - the dropdown only shows n8n’s built-in credential with insufficient permissions.

Questions

  1. Is there a way to make the SharePoint node work in n8n Cloud without 403 errors?

  2. Can the built-in n8n SharePoint credential be upgraded with additional permissions?

  3. Is using HTTP Request nodes with Microsoft Graph API the only solution?

  4. Does n8n self-hosted allow using custom OAuth2 credentials with the SharePoint node?

Environment

  • Platform: n8n Cloud

  • Node: Microsoft SharePoint

  • Tenant: Microsoft 365 Business

  • Error: 403 Forbidden on all SharePoint operations

Our use case requires multiple SharePoint operations across workflows, so switching entirely to HTTP Request nodes would be quite cumbersome. Any guidance would be greatly appreciated!

4 Likes
2

I found a solution:

  1. First you go to your n8n dashboard/project and you add a credential.

  2. For “Select an app or service to connect to” select “Microsoft OAuth2 API”

  3. Name the credential something like “Sharepoint Permissions”

  4. For scopes, copy in Sites.Read.All Sites.ReadWrite.All SearchConfiguration.Read.All SearchConfiguration.ReadWrite.All

  5. Click the “Connect Account” button.

  6. Ensure you are using a MS tenant admin account. This won’t work if you don’t have the right permissions.

  7. n8n will request the correct scopes that were missing before.

  8. Once the connection is successful you can open up a workflow, add a Sharepoint node and create new credentials. This time, because the scopes were added already, you won’t run into the error 403 problem.

The issue is that the official Sharepoint Node does not automatically add the right scopes (or give you the option to do so) when you create a credential through there. This method circumvents that and adds the scopes that are needed so you can use the official Sharepoint n8n node.