SharePoint 2013 Workflow - App Permissions

Scenario

Create a SharePoint Designer 2013 Workflow associated with the security list and set it to start automatically when a list item is created. Once the user submits his comment, the Workflow will create the list item in the security list with the use of an app step. The initiator does not always have the rights to complete all the actions within the Workflow, for example, when the Workflow needs to create new items. With SharePoint 2013 Workflows, it is possible to use app step action to give the Workflow its own permission set, if the Workflow’s own permission is not set. In such a situation, the Workflow gets Suspended. I noticed the occurrence of this scenario when I used the app step. Looking at the Suspended state, there is an icon, which shows an error when clicked.

Details

An unhandled exception occurred during the execution of the Workflow instance. Exception details: System.ApplicationException: HTTP 401 {“error_description”:”The Server was unable to process the request due to an internal error.

Solutions

To allow Workflow to use app permissions

1. Go to Site settings-->Manage Features
   
   
   
   
2. Activate Workflows can use app permissions.
   
   
   

Steps

1. Go to Site Settings.
2. In the Users and Permissions section, select Site app permissions.
   
   
   
   
3. Copy the client section of the app identifier. This is the identifier between the last "|" and the "@" sign. Select App Identifier.
   
   
   
   
4. Navigate to the Grant permission to an app page. This must be done by browsing to the appinv.aspx page of the site.
   
   
5. Fill in the App Id and click Lookup.
   
   
   
   
6. The fields Title, App Domain and Redirect URL will be filled in automatically.
   
   
7. Paste XML code given below into Permission Request XLM textbox to the grant the Workflow app step full control.
   
   1. http: //}hostname}/{the Site Collection}/_layouts/15/appinv.aspx  
   2. < AppPermissionRequests > < AppPermissionRequest Scope = "http://sharepoint/content/sitecollection/web"  
   3. Right = "FullControl" / > < /AppPermissionRequests>  
8. Click Create and Trust It.
   
   
   Note
   1. There are no placeholders in the Scope value above. It is a literal value. Enter it exactly, as it appears here.
   2. If you are facing any issue, please copy the text given above, which is taken from MSDN article whose link is given below.
9. Click Create.
   
   
10. You will then be asked to trust the Workflow app. Click Trust It.

Please follow the MSDN article given below for more reference to configure the app step.

https://msdn.microsoft.com/en-us/library/office/jj822159.aspx