Sites.Selected per-site write grant returns 401 "not allowed in this context" for an Entra Agent ID identity (Preview), works for a normal service principal

Question

Sites.Selected per-site write grant returns 401 "not allowed in this context" for an Entra Agent ID identity (Preview), works for a normal service principal

Derek Morgan II 0

Setup I have a headless app-only agent built on Microsoft Entra Agent ID (Preview). It authenticates through the Microsoft Entra Auth SDK sidecar 2-leg exchange, so the token subject is the agent identity, not the blueprint principal. I verified that in the sign-in logs.

The agent is granted Microsoft Graph Sites.Selected (application), and I added a per-site write grant on the target site via permissions with roles: ["write"]. permissions confirms the grant is present for the agent's appId.

Problem When the agent calls content to upload a file, Graph returns:

HTTP 401 - unauthenticated: Request is not allowed in this context

Reads against the same site under the agent token also fail the same way.

What I ruled out The identical code path, same site, same per-site Sites.Selected write grant, succeeds when the caller is a normal Entra app registration's service principal. It fails only when the caller is the agent identity. So this isn't the site grant, the drive path, or DisableCustomAppAuthentication. The single variable is the agent identity as the token subject.

Question Is Sites.Selected expected to be honored for Entra Agent ID identity tokens in the current Preview, or is SharePoint not yet accepting app-only agent-identity tokens? If it's supported, what am I missing? If it's a known Preview gap, is there a tracking item or ETA?

Tenant and app IDs available on request. Happy to share correlation IDs.

Rukmini 42,510 Reputation points Microsoft External Staff Moderator

2026-06-12T22:50:34.5433333+00:00
Hey Derek — I see what you’re trying to do: use Microsoft Entra Agent ID (Preview) so the token subject is the agent identity, not the “blueprint” app/service principal, grant the agent Graph Sites.Selected, and then call Microsoft Graph to access SharePoint content. In your case, Graph returns:

401 unauthenticated: Request is not allowed in this context

and it also fails for reads, while the same code + same site + same per-site Sites.Selected write grant works when the caller is a normal Entra app’s service principal.

What we can and can’t confirm from the provided documentation

From the documentation provided, there is relevant info about Microsoft Entra Agent ID platform behavior in Microsoft Graph:

Some Microsoft Graph permissions are explicitly blocked for agents (see “Microsoft Graph permissions blocked for agents” in the Microsoft Entra Agent ID APIs overview).

However, the excerpt you provided lists many blocked permissions, but it does not include Sites.Selected. So based strictly on the provided docs, we can’t confirm whether Sites.Selected is supported or blocked for Entra Agent ID identities in Preview.

Separately, the Application Insights Entra-auth documentation is about authenticating telemetry ingestion (not SharePoint/Graph authorization), so it doesn’t map to your Sites.Selected / SharePoint 401 scenario.

Most likely explanation (based on what’s known from the provided Agent ID Graph overview)

Given that:

the error is 401 unauthenticated / “not allowed in this context”

your permissions are working for a normal service principal, but not for agent identity tokens

and the provided Agent ID overview says Graph permissions may be blocked for agents

…the behavior you’re seeing strongly suggests that the permission you’re using (or some part of the request context) isn’t currently honored for Entra Agent ID tokens in this Preview scenario—either because:

Sites.Selected (or an underlying authorization path) is not supported for agent identities, or

the agent identity token is valid, but the Graph permission model for agents treats it differently than service principals.

But again: the provided docs don’t explicitly confirm Sites.Selected in particular.

What to do next (practical checks you can do)

Verify whether Sites.Selected is in the “permissions blocked for agents” list for the Entra Agent ID Graph overview.

If it’s listed as blocked (not shown in your excerpt), that would directly explain the 401/“not allowed in this context”.

If Sites.Selected is not listed as blocked, then the next thing to check is whether per-site SharePoint grants work differently for agent identity tokens (i.e., you may be hitting a Preview support gap rather than a clear “blocked permission” case).

Follow-up questions (to determine exact support/known gap)

To help nail down whether this is a permission-blocking gap vs. a different authorization/context issue, can you share:

In the Graph Agent ID APIs overview page, is Sites.Selected specifically called out as blocked for agents (application permissions) or not?

Are you using application permissions (Sites.Selected as application), or is there any delegated scope in the request?

What exact Graph endpoint are you calling for upload/read (e.g., the specific /drives/.../items/...:/content style endpoint)?

Can you provide the HTTP WWW-Authenticate header (if present) and any Graph response body error details beyond the top-level 401 message?

Are you seeing the same failure across multiple sites, or only particular ones where you set per-site grants?

Reference list (all relevant documentation provided)

Microsoft Entra Agent ID APIs in Microsoft Graph overview (includes “Microsoft Graph permissions blocked for agents”) https://learn.microsoft.com/graph/api/resources/agentid-platform-overview?view=graph-rest-1.0&wt.mc_id=knowledgesearch_inproduct_azure-cxp-community-insider

If you answer Q1 above (whether Sites.Selected is explicitly blocked for agents), we can give a much more definitive “this is expected / known gap” style forum response.

Note: This content was drafted with the help of an AI system.

1 answer

Your answer

Answer 1

SharePoint and Microsoft Graph Sites.Selected behave differently depending on the type of identity and token used. The available guidance in the context shows:

Sites.Selected is enforced per site, and access is granted only when:
- The app has the Sites.Selected application permission.
- A per-site permission (for example write) is granted via Microsoft Graph or PnP PowerShell.
- The app uses an application-only access token (no user) to call SharePoint/Graph.
When these conditions are met, application-only access works for standard Microsoft Entra app registrations (service principals) and is explicitly documented and supported.
For the SharePoint tool with the agent API, the documentation explicitly states that application-only authentication is not supported and that user identity (identity passthrough) is required; app-only OBO tokens are rejected with AuthenticationError: AppOnly OBO tokens not supported by target service.

In the provided material, there is no statement that SharePoint or Microsoft Graph currently support app-only access using Microsoft Entra Agent ID identity tokens in the same way as standard service principals. The troubleshooting guidance for the SharePoint tool instead emphasizes that:

Application-only identity is not supported for that tool.
User identity passthrough is required.

Given this, the behavior described (standard service principal working with Sites.Selected while the agent identity fails with 401 "not allowed in this context") is consistent with a current limitation: the target SharePoint/Graph surface is not yet accepting app-only tokens issued for agent identities in the same way as for regular app registrations.

The context does not provide any indication that this is already supported for Entra Agent ID, nor does it provide a tracking item or ETA for enabling it. It only documents the general Sites.Selected model and the requirement for user identity in the SharePoint tool scenario.

The only fully documented and supported pattern in the context for SharePoint access is:

Use a standard Microsoft Entra application registration with Sites.Selected application permission.
Grant per-site permissions via Microsoft Graph (/sites/{siteId}/permissions) or PnP PowerShell (Grant-PnPAzureAdAppSitePermission).
Use an application-only token for that app to access the selected sites.

Until there is explicit documentation that SharePoint/Graph accept app-only agent identity tokens for Sites.Selected, the supported workaround based on the available material is to continue using a regular app registration/service principal for app-only Sites.Selected scenarios, or to use user identity passthrough where required.

References:

Share via

Sites.Selected per-site write grant returns 401 "not allowed in this context" for an Entra Agent ID identity (Preview), works for a normal service principal

What we can and can’t confirm from the provided documentation

Most likely explanation (based on what’s known from the provided Agent ID Graph overview)

What to do next (practical checks you can do)

Follow-up questions (to determine exact support/known gap)

Reference list (all relevant documentation provided)

1 answer

Your answer