I have provided the intune license from endpoint manager. Below screenshot shows license is applied successfully.
Intune License for this user is in active state. No problem here.
When I making https://graph.microsoft.com/v1.0/me/licenseDetails api request. I am getting "provisioningStatus": "PendingInput". Please refer the below screenshot for reference.
What is the blocking here, since it is showing provisioningStatus as "PendingInput"
What should be done to make the provisioningStatus as "Success"?
is there any configuration or special approval is required from Company/User to make provisioningStatus as "Success"
The "PendingInput" status means that nothing has been provisioned (yet) for this customer. you can repeat the same command and see if Office 365 has made any progress yet;
for more ,please see the doc - https://learn.microsoft.com/en-us/archive/blogs/cloudpfe/how-to-tell-which-office-365-services-have-been-provisioned
or It takes time to update status
please check if the status has been updated
Related
For some reason I deleted so called brand entity at my gcloud console. Now I want to create new one using the command in the console:
gcloud alpha iap oauth-brands create --application_title='EmojiRave' --support_email='rebelusgames#gmail.com'
But the console returns me back : INVALID_ARGUMENT: Request contains an invalid argument.
I've used different formats (using brackets and without them)
I've checked whether I have enough permissions to do it (I use owner account, so it's enough permissions)
I'm desperate.
There are two potential reasons for the failure:
1. Incorrect email address. According to the docs: "This [support] email address can either be a user's address or a Google Groups alias. [...] Note: The user issuing the request must be an owner of the specified support email address."
2. Project is not in an organisation. According to this source (see under limitations): If you're [..] outside a Cloud Orginization most likely you'll get an error on step "Creating oauth brand".
Overall, my suggestion is to update the OAuth Consent Screen via GCP Console.
Go to the Google Cloud Platform Console.
From the projects list, select a project or create a new one.
If the APIs & services page isn't already open, click on the Navigation Menu on the upper left and select APIs & services.
On the left, click OAuth Consent Screen.
Click Edit App.
First, it's not possible to delete the OAuth Consent Screen (Brand) once created. This can be seen from #DaImTo's answer, and the lack of delete option in both gcloud command and in the console.
I also tested your command on my Cloud Shell and it works fine as well. I've checked the documentation with regards gcloud alpha iap oauth-brands and it is currently in ALPHA state. It may change without prior notice and it may not be stable or work to all users. If you still want to use the CLI and request to be allow-listed regarding this command, my suggestion is to contact sales, as instructed on the issue tracker you've made.
I have an application that uses the Microsoft Graph API to read and write emails from a mailbox.
I'm making a request to URL
GET https://graph.microsoft.com/v1.0/users/{user_id}/mailFolders/PublicFoldersRoot/childFolders
This used to work, but since April 2021 it broke and now returns an error
{
"error": {
"code": "ErrorMailboxMoveInProgress",
"message": "Mailbox move in progress. Try again later., Cross Server access is not allowed for mailbox UUID"
}
}
No mailboxes have been initiated to move in my account.
I found the same thread on this issue, but there is no solution yet. Mailbox move in progress.
I didn't find out any workaround. Please help if you know how to fix this.
Apologies for the inconvenience caused to you.
Could you please check if there are any mailboxes being moved?
You can use Poweshell Cmdlet Get-MoveRequest to check if there are any active requests.
If there aren't any, this could be an intermittent issue and should resolve itself without your intervention
However, if this is critical and affecting your production workloads, please reach out to Support as it would be difficult to debug this remotely.
You can also check if there are any service issues affecting your subscription from the Service Health page
Hope this helps. Thanks!
We have a need to post messages programmatically to Teams Channels and found the microsoft.graph.com API that should work for this. Unfortunately the GA release (v1.0) does not support Application Permissions and the only other way to Post a message seems to be to use the ROPC Auth flow, which is not allowed at my company.
After further research I found out that the documentation for the Beta release of this allows for using Application Permissions, which should work great for me. However, even though I added the "Teamwork.Migrate.All" permissions (Granting approved), I am still getting HTTP 401 Unauthorized.
I later found a second documentation page for the Beta release that does NOT specify Application Permissions as allowed for Posting a message in a Channel.
These are the two documentation pages with conflicting information:
https://learn.microsoft.com/en-us/graph/api/channel-post-message?view=graph-rest-beta&tabs=http - Application Permission allowed
https://learn.microsoft.com/en-us/graph/api/chatmessage-post?view=graph-rest-beta&tabs=http - Application Permission NOT allowed
Does someone know what is correct?
Also, is there currently any other way to post messages to Teams Channels programmatically?
Side note, the Bearer token I generate work fine for Getting Channel info, but not for Posting messages.
The first documentation is meant for "Create a new chatMessage in the specified channel", wherein the Second documentation is meant for "Create a new chatMessage in the specified channel or a chat". So there is a difference exists
Using Microsoft Graph I am successfully creating subscriptions, but when calling HTTP Patch to https://graph.microsoft.com/v1.0/subscriptions/ with a correct (works through Graph Explorer) json payload of
{ "expirationDateTime": "UTCTIME 2 minutes past current expiration"}
I always get 403 Forbidden as a result.
I have the permissions set (I think) correctly to Files.ReadWrite as per https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/subscription_update. These should be the same permissions as Creating the subscription so can someone help as to why I can create but not update?
The problem you reported should be fixed now. Please let me know if you're still seeing 403s on subscription update requests.
You should set the permission on project config but not only the apps.dev.microsoft or azure app portal.
If you not sure which config file to set, just get started from the official sample code, or just find the keywords "GraphScope" in your project and add the Files.ReadWrite.All.
You get 403 mainly caused by some wrong config. Still need to check on your side. We can just provide the suggestion to assist you.
I have registered my application here.
I have given all permissions to my App in that panel as well.
I specifically need Groups.ReadWrite.All which requires an admin ? requirement I am not sure what this even means.
https://apps.dev.microsoft.com/#/application/
Okay App is registered and redirect url has been copied.
Now I take that redirect url copy it and paste it into the admin panel for apps. At this link at App Registrations
https://portal.azure.com/
I am not sure why I have to register in two different panels, one which gives me a redirect url for my native app and the other that leaves it blank.
Great So then I setup my iOS app to make a graph request. This scope
https://graph.microsoft.com/Calendars.ReadWrite
I need to readwrite groups so I add this permission
https://graph.microsoft.com/Group.ReadWrite.All
It fails to authenticate.
I have checked that I have added the permissions to my app, and I have at this app registration panel https://apps.dev.microsoft.com/#/application/
Then I try to add the same permissions in the
https://portal.azure.com/
it gives me
Unable to Complete Request Validation Error, then doesn't do anything.
I tried to add a non admin permission same error.
So what is going on here ... ?
So even though they told me use the Graph API from now on moving forward in the docs I tried to go back to their office 365 SDK for iOS, it also has problems as I cannot get the pods to work as per instructions.
I am 100% sure after this issue is resolved I will need permissions
Note: I work at as a consultant for a bank so if someone can tell me what the azure administrator at the bank has to do to get my permissions escalated to admin status that would be great....
Thanks
Those are 2 different registrations,
Per this documentation (https://graph.microsoft.io/en-us/docs/authorization/auth_overview), for personal accounts like live.com or outlook.com, use the Azure AD v2.0, and for the enterprise, use the Azure AD.
So, for your case, I believe you need the latter, the azure AD.
For this to happen, as you said, go https://portal.azure.com/ and add the app registration.
In order to do so, you would need to
select "Azure Active Directory" and go "App registrations".
Once you create an app, you would need to select "native" for the iOS, and then under app access, under "required permissions" add "Microsoft Graph" followed by selected permissions you would like.
To answer the note, you would need permissions to create an app at the portal, otherwise, you would need to ask for that permission or have the admin create an app for you.
Some samples are available at https://github.com/microsoftgraph/ios-objectivec-connect-sample and https://github.com/microsoftgraph/ios-swift-connect-sample for iOS samples.
Hope this helps!