{"id":17953,"library":"sp-request","title":"Simplified SharePoint HTTP Client","description":"sp-request is a Node.js-specific HTTP client designed for simplified interaction with SharePoint REST APIs, supporting SharePoint 2013, SharePoint Online, and later versions. It is currently at version 3.0.0. The library abstracts SharePoint authentication using `node-sp-auth` and leverages the `got` library for making HTTP requests, providing a consistent API similar to `got`. This combination allows developers to send REST queries with various authentication options without manually managing authentication flows or request digests. It is strictly for server-side (Node.js) usage and does not support browser environments. While a specific release cadence isn't detailed, the presence of a 3.x upgrade guide indicates ongoing development. Key differentiators include its focus on Node.js, seamless integration with `node-sp-auth` for diverse authentication strategies, and a `got`-like request syntax.","status":"active","version":"3.0.0","language":"javascript","source_language":"en","source_url":"https://github.com/s-KaiNet/sp-request","tags":["javascript","request","sharepoint","rest","typescript"],"install":[{"cmd":"npm install sp-request","lang":"bash","label":"npm"},{"cmd":"yarn add sp-request","lang":"bash","label":"yarn"},{"cmd":"pnpm add sp-request","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Underlying HTTP request library that sp-request wraps for making network calls.","package":"got"},{"reason":"Handles all SharePoint authentication mechanisms, abstracting credential management.","package":"node-sp-auth"}],"imports":[{"note":"The library primarily exports a module object with methods like 'create', which is best consumed via a namespace import in ESM or `require` in CJS.","wrong":"import sprequest from 'sp-request';","symbol":"sprequest","correct":"import * as sprequest from 'sp-request';"},{"note":"The `create` method is a property of the main `sprequest` module object, not a named export directly from the package root.","wrong":"import { create } from 'sp-request';","symbol":"create","correct":"import * as sprequest from 'sp-request';\nconst spr = sprequest.create(credentialOptions);"},{"note":"For CommonJS environments, this is the standard way to import the module. The `create` method is accessed via `sprequest.create`.","symbol":"sprequest (CommonJS)","correct":"const sprequest = require('sp-request');\nconst spr = sprequest.create(credentialOptions);"}],"quickstart":{"code":"import * as sprequest from 'sp-request';\nimport * as process from 'process';\n\n// In a real application, retrieve these securely, e.g., from environment variables or a config service.\n// This example uses dummy values for demonstration. For specific auth types and options,\n// refer to the `node-sp-auth` documentation (https://github.com/s-KaiNet/node-sp-auth#params).\nconst credentialOptions = {\n  // Example for SharePoint Online App-Only via Client ID/Secret:\n  // clientId: process.env.SP_CLIENT_ID ?? 'your-client-id',\n  // clientSecret: process.env.SP_CLIENT_SECRET ?? 'your-client-secret',\n\n  // Example for SharePoint Online with ADFS/Forms auth via username/password:\n  username: process.env.SP_USERNAME ?? 'user@yourtenant.onmicrosoft.com',\n  password: process.env.SP_PASSWORD ?? 'YourSecurePassword123!',\n  siteUrl: process.env.SP_SITE_URL ?? 'https://yourtenant.sharepoint.com/sites/dev' // Your SharePoint site URL\n};\n\n// Create an authenticated sprequest instance\nconst spr = sprequest.create(credentialOptions);\n\n// Example: Get a SharePoint list by its title\nconst listTitle = 'Announcements'; // Replace with an actual list title in your site\nconst sharePointSiteUrl = credentialOptions.siteUrl; \n\nspr.get(`${sharePointSiteUrl}/_api/web/lists/GetByTitle('${listTitle}')`)\n  .then(response => {\n    if (response.body && response.body.d) {\n      console.log(`Successfully retrieved list: '${listTitle}'`);\n      console.log('List Id: ' + response.body.d.Id);\n      console.log('List Title: ' + response.body.d.Title);\n    } else {\n      console.log('Unexpected response structure:', response.body);\n    }\n  })\n  .catch(err => {\n    console.error(`Failed to retrieve list '${listTitle}':`);\n    if (err.response) {\n      console.error(`Status Code: ${err.response.statusCode}`);\n      console.error(`Response Body: ${JSON.stringify(err.response.body, null, 2)}`);\n    } else {\n      console.error(err);\n    }\n  });\n","lang":"typescript","description":"Demonstrates installation, creating an authenticated `sp-request` instance, and performing a basic GET request to retrieve a SharePoint list by title using environment variables for credentials."},"warnings":[{"fix":"Refer to the official `sp-request` upgrade guide for detailed instructions on migrating your codebase from 2.x to 3.x.","message":"Upgrading from version 2.x to 3.x involves breaking changes. Developers should consult the `Upgrade guide` mentioned in the README for specific migration steps and API adjustments.","severity":"breaking","affected_versions":">=3.0.0"},{"fix":"For browser-based SharePoint interactions, consider using `sp-rest-proxy` in conjunction with `PnPjs` or similar client-side libraries. `sp-request` is server-side only.","message":"This module is strictly designed for Node.js environments and does not work in browsers. Attempting to use it in a browser context will result in errors.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Carefully review the `node-sp-auth` documentation (https://github.com/s-KaiNet/node-sp-auth#params) to ensure `credentialOptions` are correctly configured for your specific SharePoint environment and desired authentication method.","message":"`sp-request` relies on `node-sp-auth` for all authentication. Users must provide valid `credentialOptions` as defined by `node-sp-auth`, which can be complex depending on the SharePoint environment (Online, On-Prem, ADFS, App-Only, etc.). Incorrect options will lead to authentication failures.","severity":"gotcha","affected_versions":">=2.0.0"},{"fix":"For production deployments, ensure `rejectUnauthorized` is explicitly set to `true` (if possible for your environment) or that proper certificate trust is established. Be aware that this default simplifies initial setup but should be addressed for security.","message":"By default, `sp-request` sets `rejectUnauthorized: false` for the underlying `got` requests. While this can simplify development with self-signed certificates, it poses a security risk in production environments as it disables SSL certificate validation. This could make your application vulnerable to man-in-the-middle attacks.","severity":"gotcha","affected_versions":">=1.0.0"}],"env_vars":null,"last_verified":"2026-04-23T00:00:00.000Z","next_check":"2026-07-22T00:00:00.000Z","problems":[{"fix":"Double-check all `credentialOptions` (siteUrl, username, password, client ID/secret), verify network connectivity to the SharePoint instance, and ensure the SharePoint URL is correct and accessible from the Node.js host.","cause":"A generic network issue, incorrect SharePoint URL, or failed authentication due to invalid credentials, incorrect tenant configuration, or misconfigured `node-sp-auth` options.","error":"Error: read ECONNRESET / 401 Unauthorized / Ohhh, something went wrong..."},{"fix":"Verify the SharePoint REST API endpoint and object identifiers (e.g., list title, item ID) are accurate. Confirm the authenticated user has appropriate permissions to the resource.","cause":"The requested SharePoint resource (e.g., list, file, web, API endpoint) does not exist at the specified URL path, or the authenticated user lacks permissions to see it.","error":"Error: Request failed with status code 404 (Not Found)"},{"fix":"Review the SharePoint ULS logs (for on-prem) or SharePoint diagnostic logs (for Online) to get more details about the server error. Ensure the request body, headers, and API calls conform to SharePoint's expectations. Regenerate `X-RequestDigest` if applicable.","cause":"An unhandled exception occurred on the SharePoint server during request processing, possibly due to an invalid request body, headers (like `X-RequestDigest`), or server-side custom code issues.","error":"Response code 500 (Internal Server Error)"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}