Symptom
This issue can present in several ways, listed below. It is seen when attempting to create a new backup set for OneDrive, SharePoint or Teams. Exchange is not affected.
- The following error presents in the RedApp: "Access denied: The app needs access to a service ('https://*onenote.com/'). Please log in to this service first before creating new backups."
- You may see no error, but you will be returned to the Select Service screen after authenticating, instead of progressing to the permissions step.
- You may see "access denied" in the URL.
- You may see one or both of the following errors in your browser's developer tools:
Refused to load the script '{scriptPath}' because it violates the following Content Security Policy directive: "script-src {policyPath} 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-lem' was not explicitly set, so 'script-src' is used as a fallback.
The app is trying to access a service ‘{appId}’ ({appName}) that your organization '{organization name}' lacks a service principal for. Contact your IT Admin to review the configuration of your service subscriptions or consent to the application in order to create the required service principal.
Cause
The RedApp requires permissions to the OneNote API in order to protect M365 data. Although OneNote is included in all M365 Business plans, the OneNote service is not auto-linked to a subscription as is the case with Exchange, OneDrive, SharePoint, and Teams. This error will therefore occur even if no user in the Microsoft tenant uses the OneNote service.
Solution
To link the OneNote service to a subscription, a user (any user in the relevant tenant) must log into OneNote, either via the desktop app or via the OneNote web app. Once the service has been accessed, you will be able to create backup sets and authenticate without encountering the above errors. It is normally not necessary to create a notebook or take any further action. However, if the problem persists, you can proceed to create a notebook, which is likely to resolve the problem.
Comments
0 comments
Please sign in to leave a comment.