getting 404 in microsoft graph explorer for onedrive - microsoft-graph-api

I have logged into the graph explorer https://developer.microsoft.com/en-us/graph/graph-explorer but when I try to retrieve a list of all files in my onedrive I get a 404 response, any ideas of why that is?
update, when I click the user account I see that I need to consent to permissions, and after I log on as the administrator I can consent to the permissions, but after I go back to the graph explorer and sign in with the user account (not the admin account) I still get the 404 error, and if I once more check the permissions they are gone?

I tried to repo the same , and i am getting list of all items in OneDrive .You are getting "error 404 - Page Not Found" which you entered wrong URL , make sure you call correct URL - https://graph.microsoft.com/v1.0/me/drive/root/children

Sorry I had given the wrong permissions for this

Related

Microsoft Graph - get Outlook Calender events - 403 Forbidden

I tried to receive all events for an Microsoft 365 User. It's a business license and a add an App with all User/Mail/Calendar Permissions (also consent granted) to Api permissions.
When running this command or some similar like in the documentation I got 403
Client error: `GET https://graph.microsoft.com/v1.0/users/xxxxxxxxxxxxxxxxxxxx/events` resulted in a `403 Forbidden` re
sponse:
{"error":{"code":"ErrorAccessDenied","message":"Access is denied. Check credentials and try again."}}
What did I do wrong? I also tried the Graph Explorer (with logged in user).
Are the permissions you are assigning delegated or application permissions?
If you are using application permissions for your App Registration then you need to give access on the user's calendar to the app (probably by using a new service principal on exchange online).
If you are using delegated permissions then you should check the access token you are getting for validation in jwt.ms
Bear in mind that Graph explorer with logged in user needs different permissions than your App Registration. ( it's a different app registration altogether )
Seems like I had the same issue https://learn.microsoft.com/en-us/answers/questions/1165285/microsoft-graph-get-outlook-calendar-events-403?page=1&orderby=Helpful&comment=answer-1168253#newest-answer-comment
The fix was to remove all the other permissions and just give it

Microsoft Graph API - MailboxNotEnabledForRESTAPI 404 error on beta/users/{id}/photo

I am trying to fetch users profile photo using the beta endpoint beta/users/{id}/photo of the Microsoft Graph API
but I get a 404 MailboxNotEnabledForRESTAPI error
error: {
code: 'MailboxNotEnabledForRESTAPI',
message: 'REST API is not yet supported for this mailbox.'
...
The error does not make sense because I am trying to access Azure Ad profile picture which should not have anything to do with mailbox.
Would anyone know if I am missing something?
The endpoint you're using says the following about getting a user picture:
Note: When attempting to GET a user photo, this operation first attempts to retrieve the specified photo from Microsoft 365. If the photo is not available in Microsoft 365, the API attempts to retrieve the photo from Azure Active Directory.
Historically the user profile picture was stored in the Exchange server, apparently they are now also saving the image somewhere else.
To check your issue, I've added a picture to a user that doesn't have any license. And started trying requests in the Graph Explorer
Request to v1.0/users/upn_here/photo ❌ failed with ResourceNotFound -> Resource could not be discovered.
Request to beta/users/upn_here/photo ✔ gives me information about the image (eg. size)
Request to v1.0/users/upn_here/photo/$value ❌ failed with ResourceNotFound -> Resource could not be discovered.
Request to beta/users/upn_here/photo/$value ✔ gives me the image. (I see the picture I uploaded before).
You should check the used access token, copy the token and paste it here https://jwt.ms (Microsoft owned page to show you the data in the token).
According to the docs you'll need at least the delegated User.Read scope or the application scope User.Read.All.

ResourceNotFound Microsoft Graph Api with correct token

I want to use microsoft graph API in my application without user. For I got access token by tenant id (a8ef7dd1-217d-430f-9ba0-4dd465b9098d) using this url
https://login.microsoftonline.com/a8ef7dd1-217d-430f-9ba0-4dd465b9098d/oauth2/v2.0/token
I see correct result after this request.
Afte that I try to get user using this url
https://graph.microsoft.com/v1.0/users
It also works fine for me.
Example response: {"#odata.context":"https://graph.microsoft.com/v1.0/$metadata#users","value":[{"businessPhones":[],"displayName":"IOTA CLM","givenName":"IOTA","jobTitle":null,"mail":null,"mobilePhone":null,"officeLocation":null,"preferredLanguage":null,"surname":"CLM","userPrincipalName":"clm-iota_outlook.com#EXT##clmiotaoutlook.onmicrosoft.com","id":"50ecbaed-9cee-411f-abb6-5e53e2a1051a"}]}
But if I try to get mailFolders using next get request
https://graph.microsoft.com/v1.0/users/50ecbaed-9cee-411f-abb6-5e53e2a1051a/mailFolders
I see 404 error :
"code": "ResourceNotFound",
"message": "Resource could not be discovered."
What I missed?
Are you sure that that user has a mailbox?
Make sure you have the correct permissions? To access mail, you require Mail.Read application permissions that have been admin consented. https://learn.microsoft.com/en-us/graph/api/user-list-messages?view=graph-rest-1.0
You can admin consent where you've registered the application in the portal in the "Permissions" tab of the application. https://aad.portal.azure.com
I've had the same error.
You probably didn't assign a license while adding users at https://admin.microsoft.com
If you go to the Microsoft site, you will find that you need to license Exchange Online to use the Exchange Online feature.
https://learn.microsoft.com/en-us/exchange/exchange-online
Check it out!

Getting Unable to retrieve user's mysite URL even if the drive exists

When querying the Graph with the PHP library for a given drive I receive 400 Unable to retrieve user's mysite URL or 429 Too many requests.
When I call for example https://graph.microsoft.com/v1.0/users/b0633c25-2655-4dfe-a2b2-078e4310deba/drive with the PHP library it gives this weird result. When I query the same url in the Graph Explorer. It works like a charm.
I've set up the permissions as described in the docs and have the E3 Developers subscription that is still valid.
What am I missing?
The error message is misleading and does not mention billing as it should.
Check your Billing > Your Products (subscription) in your Microsoft 365 Admin and then try again.
The best way to test is:
https://developer.microsoft.com/en-us/graph/graph-explorer
The current error seems like user does not have ODFB(OneDrive For Business) site created, you can check if the user have create OneDrive site(the OneDrive site will be created while the user first time to use it).
To debug that issue for now, try to use Graph Explorer https://developer.microsoft.com/en-us/graph/graph-explorer# and login with your user account.
If you can access /me then try accessing /me/drive/root and you will get details about ODFB Doc Lib for current user if it exist.
we can get results with the following link for login-in user
https://graph.microsoft.com/v1.0/me/drive/root/children
Reference for you: https://github.com/microsoftgraph/microsoft-graph-docs/issues/1354

graph api token creations fails due to Unknown SSL protocol error in connection to login.window.net:443. Graph explorer also not working

I am trying to implement user creation in Azure AD. Tried graph explorer with the below link. But it is not working, showing "We had an issue sending this request to the Graph API".
https://login.windows.net/oauth2/token?api-version=2.0
Also tried in localhost, then shows:
Curl error: Unknown SSL protocol error in connection to
login.window.net:443
Please help me?
That link is to try and acquire a token. That is unnecessary in Graph Explorer. Just click the "Sign-in with Microsoft" button, and enter your tenant admin credentials. Then select POST for the operation and https://graph.microsoft.com/v1.0/users. In the request body put the properties that are required to created a new user, as described in https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/user_post_users. NOTE: When trying this operation, you may be required to consent for administrative permissions - make sure you select User.ReadWrite.All, and consent.
Hope this helps,

Resources