Getting Token type is not allowed error when sending REST API request to SharePoint API from Postman

Question

I have successfully obtained an access token, however, I am experiencing difficulty in retrieving files and folder requests. Please refer to the attached images for more information.API Request for getting access token

EndPoint:https://accounts.accesscontrol.windows.net/<Tenant Id>/tokens/OAuth/2/

POST /<Tenant Id>/tokens/OAuth/2/ HTTP/1.1
Host: accounts.accesscontrol.windows.net
Cookie: esctx=PAQABAAEAAAD--DLA3VO7QrddgJg7WevrQ2zm7id5dHijP-KNh0_nsy_HRv7Zbu-6H7sTe7hlArzkhSFqbVHuenAG9ExQIsQYbtrHIjBNNgV2JRx70Ls01rJRmxIaUzGMS-qWOYOvT4w_lm0bGcmVmUT7CWvkGUlPIAA; fpc=AlP6y8D8GRBCoEgfeLYN1RQMaUJ-AQAAAKoBt9sOAAAA; stsservicecookie=estsfd; x-ms-gateway-slice=estsfd
Content-Length: 641
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW

------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="grant_type"

client_credentials
------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="client_id"

<Client ID>@<Tenant ID>
------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="client_secret"

<Client Secret>
------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="resource"

00000003-0000-0ff1-ce00-000000000000/<Domain>.sharepoint.com@<Tenant ID>
------WebKitFormBoundary7MA4YWxkTrZu0gW--

I'm trying to send a REST API request from Postman to SharePoint, but I'm getting an error message that says:

{"error":"invalid_request","error_description":"Token type is not allowed."}

API Request for get files and folder

EndPoint:https://<Domain>.sharepoint.com/sites/WinFileMgmSite/_api/web/getfolderbyserverrelativeurl('Shared Documents/Salesforce')?$expand=Folders/ListItemAllFields/FieldValuesAsText,Files/ListItemAllFields/FieldValuesAsText

GET /sites/WinFileMgmSite/_api/web/getfolderbyserverrelativeurl('Shared Documents/Salesforce')?$expand=Folders/ListItemAllFields/FieldValuesAsText,Files/ListItemAllFields/FieldValuesAsText HTTP/1.1
Host: <Domain>.sharepoint.com
Accept: application/json;odata=verbose
Authorization: Bearer <Access Token>

I'm not sure what this error means or how to fix it. Here's what I've tried so far:

1. Checked that I have the correct permissions to access the SharePoint site. In the app’s Permission Request XML:

<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="FullControl" />
</AppPermissionRequests>

2. Verified that I'm using the correct URL and HTTP method in my request.
3. Confirmed that my access token is valid and not expired.

Despite these checks, I'm still getting the same error. Can anyone suggest what might be causing this issue and how I can resolve it?

Thanks in advance for your help!

Answer 1

An error I encountered a while back. For newer tenants, this mode of authentication is disabled by default. You will find someone with the exact same issue here And the proposed solution

For new SharePoint subscription Grant App Permission is disabled by default or the browser link https://xxxx-admin.sharepoint.com/_layouts/15/appinv.aspx is disabled. To enable this feature, we need to connect to SharePoint using Windows PowerShell and then run Set-SPOTenant -DisableCustomAppAuthentication $False.