Enable anonymous access for Javascript Client Object Model RRS feed

  • Question

  • In SharePoint 2010 it was possible to use the Javascript Client Object Model with anonymous access enabled by removing "GetItems" from the ClientCallableSettings.AnonymousRestrictedTypes.

    In SharePoint 2013 however, it seems that an extra security barrier has been implemented. Trying to use the Javascript Client Object Model results in the following message: "Access denied. You do not have permission to perform this action or access this resource."

    After this I went on to do a little research, and it appears that Javascript Client Object Model actually relies on the REST API (please correct me if I'm mistaken), and the REST API also doesn't seem to work as an anonymous user.

    So I'm in the dark here. I can't imagine that SharePoint 2013 (so heavily relying on the client object model) can't be used with anonymous access. I've also found very little documentation on anonymous access in combination with SharePoint 2013.

    So, how do I enable the Javascript Client Object Model to be used with anonymous access enabled?


    P.S. Needless to say, my web application is enabled for anonymous access and so is my site collection.

    • Edited by Merkie Wednesday, January 9, 2013 3:55 PM
    Wednesday, January 9, 2013 3:55 PM

All replies

  • Hello Merkie,
    Have you found answers on your questions? I have just found that anonymous access is disabled for _vti_bin/ListData.svc and it is explained here http://allthatjs.com/2012/07/20/limitations-of-sharepoint-listdata-svc/, but I didn't check the the JavaScript Client Object Model yet. 
    Sunday, February 10, 2013 11:15 AM
  • Yes. It's as easy as disabling the "Require Use Remote Interface Permission" of the web application.

    1. Go to Central Administration
    2. Go to Manage Web Application
    3. Select your Web App
    4. Click on Authentication Providers in the ribbon
    5. Click zone "Default".
    6. Uncheck "Require Use Remote Interfaces Permission"

    This should be equivalent to how client API's worked with SharePoint 2010.

    Tuesday, February 19, 2013 11:07 PM
  • Hi Merkie,

    I have exactly the same problem but with SharePoint online (365).

    Did you find a solution?


    Wednesday, February 27, 2013 3:32 PM
  • Hi Merkie,

    How to Uncheck the "Require Use Remote Interfaces Permission" check box using PowerShell script? I am able to set the anonymous access using PowerShell script.Kindly help me in this.



    Wednesday, May 22, 2013 12:57 PM
  • I'm afraid SharePoint 365 will not allow you to change this setting.
    Wednesday, May 22, 2013 1:07 PM
  • Hi,

    I have the same problem. I want to add some items in a list from the public site (Office 365, Enterprise E1), but I get the same "Access Denied ..." exception. Did you solved this issue?



    Wednesday, May 29, 2013 8:35 AM
  • Hi,

    Anybody has an answer for this? I just want to build a "Contact Us" form, and to be used from the public site. I can't believe you can't insert some items in a list from the public site. Then what's the purpose of the public site? To display only static content?

    Thank you,


    Tuesday, June 4, 2013 1:55 PM
  • There are really 4 things you need to do to enable anonymous access:

    1. In web application level, enable anonymous.

    2. In site collection level, make sure anonymous access Entire Website.

    3. In Web level, set Full Permission Masks, till here, you're able to anonymously access REST APIs.

    # Enable Anonymous access
    $web = Get-SPWeb $url
    if($web -ne $null)
        Write-Host -ForegroundColor Yellow "Enabling Anonymous access on:" $web.Url
        $web.AnonymousState = "On"
        Write-Host -ForegroundColor Yellow "AnonymousState set to:" $web.AnonymousState
        $web.AnonymousPermMask64 = "FullMask"
        Write-Host -ForegroundColor Yellow "AnonymousPermMask64 set to:" $web.AnonymousPermMask64

    Below are the things to enable anonymous client object model APIs:

    4. In web application level, Require Use Remote Interfaces Permission - uncheck it.

    5. In web application level, Anonymous Restricted Types, remove all of them:


    • Proposed as answer by Aviw_ Thursday, April 23, 2015 1:51 PM
    Thursday, October 10, 2013 3:46 AM
  • Has anyone yet found a answer on that for SharePoint 2013 Online (Office 365).
    We have the same problem, that we want to write contact form entries back to a sharepoint list
    and therefore are using CSOM with Javascript to write the entries back to sharepoint.

    Everything works fine within an authenticated context but fails on anonymous access.

    Your help is really appreciated!

    Thanks and best regards

    Monday, December 16, 2013 5:34 PM
  • We exactly have the same problem. We're using the public website feature from Office 365 and need a "Call me back" button. Therefor we need anonymous access to (contribute to) a list. I really don't know how to do so. Any tips? We're able to define a button, to pop-up a dialogbox, but not to show the field in the dialogbox. Only if we're logged in, we are able to see the fields en fill them. In the sharepoint settings is choosen for acces for anonymous users and at the list sessings also, but... it won't work.. What can we do?
    Tuesday, March 18, 2014 1:58 PM
  • You can use Sp Services in office 365 site with limitation ,you can only read list items ,

    Not able to delete or add 



    Tuesday, September 23, 2014 10:35 AM
  • for sharepoint 2013 office 365 I have reach one step up but not fully.

    if you want to give direct list access to anonumous user then use this third party solution.


    but above doesen't support with CSOM, for that I have find out the other solution to set the API permission for anonymous user, but then my error is narrow down but still I am finding to solve the following error message.

    "The method "GetItems" of the type "List" with id "{}" is blocked by the administrator on the server."

    Given script inside the below link run only once with the site collection admin account then after remove the script and try to add list item using anonymous user 


    Wednesday, September 24, 2014 8:57 AM
  • Thank you for your help Aviw_

    nr #1 #2 and #4 was correct on my system
    nr #3 and #5 was not

    I have a hostnamed site collection with multiple subsites, the portal site is the root site
    Here is my script based on your solution for this problem:
    foreach ($site in (Get-SPSite | where {$_.url -notmatch 'portal'})){
    write-host -ForegroundColor Green "fixing:" $site.url
    $web = Get-SPWeb $site.url
    if($web -ne $null)
        Write-Host -ForegroundColor Yellow "Enabling Anonymous access on:" $web.Url
        $web.AnonymousState = "On"
        Write-Host -ForegroundColor Yellow "AnonymousState set to:" $web.AnonymousState
        $web.AnonymousPermMask64 = "FullMask"
        Write-Host -ForegroundColor Yellow "AnonymousPermMask64 set to:" $web.AnonymousPermMask64
    $app = Get-SPWebApplication
    keywords: REST, API, queryparametertemplate.xml, anonymous, searchrelated.js, related search works with authenticated users not with anonymous users

    Thursday, September 10, 2015 9:22 AM
  • Hi,

    I am getting same issue in SharePoint on Premise + JSOM. ON ExecusteAsync function i got this error. Below is the image for the error occurred in console.  I have done all above configuration and PowerShell scripts. But no success.


    Also the the PowerShell result, as below image.

    $wa = Get-SPWebApplication http://www.aaaa/

    If somebody have any idea then please let me know. I have invested 3 days in these issues. Thanks in advance

    Thursday, March 3, 2016 6:10 AM
  • Hi,

    You have to give permissions for the site as well.

    Check this,



    • Proposed as answer by stak9999 Monday, January 16, 2017 12:11 PM
    Monday, January 16, 2017 12:11 PM