I am accessing the Graph Api endpoint:
https://graph.microsoft.com/v1.0/me/sendMail
I retrieve the access token from Graph Explorer and use it as a Bearer token in Postman.
I also set Content-Type in the header to "application/json".
I set the Body as
{
"message": {
"subject": "Meet for lunch?",
"body": {
"contentType": "Text",
"content": "The new cafeteria is open."
},
"toRecipients": [
{
"emailAddress": {
"address": "testuser#acme.com"
}
}
]
}
}
Through Graph Explorer I have given consent for Mail.Send
It works fine in Postman. I set the scope in my c# app as Mail.Send, but when i send the request it gives the error
{StatusCode: 403, ReasonPhrase: 'Forbidden'
What other permission do i need to set ?
Related
I'm trying to share SharePoint directory so specific user invite the invite API endpoint from Microsoft Graph : https://learn.microsoft.com/en-us/graph/api/driveitem-invite
Every time I do the request, I'm receiving a "400 - Bad request" response.
Here is my request:
https://graph.microsoft.com/v1.0/sites/***/drives/***/items/***/invite
Here is the payload:
{
"requireSignIn": true,
"sendInvitation": false,
"roles": [
"read"
],
"recipients": [
{
"email": "***#***.***"
}
]
}
It used to work perfectly.
I'm trying to create events in my personal calendar (Office 365 account) with Graph API. I create a instance on my tenant on Azure with the following delegated permissions: Calendars.Read, Calendars.ReadWrite, email, offline_access, openid, profile and User.Read.
The oAuth2 sign-in occours as expected and I receive both the bearer_token and the refresh_token, using the /.default scope. But when I try to make the request:
POST /v1.0/me/calendar/events HTTP/1.1
Host: graph.microsoft.com
Authorization: Bearer eyJ0eXAi...
Content-Type: application/json
{
"subject": "Example",
"body": {
"contentType": "text",
"content": "Example description"
},
"start": {
"dateTime": "2020-09-01T12:00:00.000Z",
"timeZone": "America/Sao_Paulo"
},
"end": {
"dateTime": "2020-09-01T13:00:00.000Z",
"timeZone": "America/Sao_Paulo"
},
"location": {
"displayName": "Example location",
"locationUri": "https://example/uri"
}
}
I get this response:
{
"error": {
"code": "ResourceNotFound",
"message": "Resource could not be discovered.",
"innerError": {
"date": "2020-08-31T22:18:15",
"request-id": "f03d0bdf-1a9c-41f4-a236-1c5a41a5d286"
}
}
}
I already had discarted that is a mailbox problem, because with Graph Explorer I can make the request and change my calendar, so I'm willing to think that is a permission problem.
I found out, the problem was not with the Graph request, but with the authentication request.
When you log into Graph API with a coorporative account, the requests to get the bearer_token are:
https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize
https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token.
But when you use a personal account, the endpoints are:
https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize
https://login.microsoftonline.com/consumers/oauth2/v2.0/token.
Using the tenantId will authenticate, but the user data will not be found in the tenant, giving the error I got.
We implemented oauth2 microsoft graph integration using node sdk. Mostly we use it for reading and sending emails. We already have some customers using our integration, but there's one customer that we are not able to get / send emails from his account. we get a 404 for everything we try to do using his access/refresh token.
this is one example:
POST https://graph.microsoft.com/v1.0/users/me/sendMail
Content-type: application/json
Content-length: 512
{
"message": {
"subject": "...",
"body": {
"contentType": "Text",
"content": "..."
},
"toRecipients": [
{
"emailAddress": {
"address": "...#....com"
}
}
],
}
}
And the response we are getting is:
{
"statusCode": 404,
"code": "ResourceNotFound",
"message": "Resource could not be discovered.",
"requestId": "b5f8efca-53ff-4cf1-978e-c4f745fcbbc1",
"date": "2018 - 01 - 20 T23: 13: 27.000 Z",
"body": {
"code": "ResourceNotFound",
"message": "Resource could not be discovered.",
"innerError": {
"request-id": "b5f8efca-53ff-4cf1-978e-c4f745fcbbc1",
"date": "2018-01-20T23:13:27"
}
}
}
Looking for some similar issues, we found Office365 API returns 404 on GetCalendars on some accounts
where they say that the customer's mailbox might not be hosted in Office 365.There's a way to check using the requestId if this is the problem with our request? Or there's a way to find out without needing to ask the customer to try to sign in using OWA?
The URL https://graph.microsoft.com/v1.0/users/me/sendMail isn't correct. It should be https://graph.microsoft.com/v1.0/me/sendMail.
I am using Microsoft Graph API to send an email on behalf of an admin. The token has the permission Mail.Send at application level. I am getting a 400 - Bad Request as the response.
Request: POST https://graph.microsoft.com/v1.0/me/sendmail
{
"message": {
"subject": "first mail",
"body": {
"contentType": "Text",
"content": "commented commmented"
},
"toRecipients": [{
"emailAddress": {
"address": "Alex#*******"
}
}]
},
"saveToSentItems": "false"
}
Response is 400 - Bad Request:
{
"error": {
"code": "AuthenticationError",
"message": "Error authenticating with resource",
"innerError": {
"request-id": "4c5cc54c-e590-4d9f-903f-4bc9828da707",
"date": "2018-01-19T19:48:11"
}
}
}
I searched all over Stack Overflow but I could not find a solution. Can someone please help me? Thank you in advance.
When using client_credentials you cannot use the /me endpoint. Graph translates requests to /me as /users/{ID of the Authenticated User}. Since you do not have an "Authenticated User" when using Client Credentials (i.e. App-only) you cannot use /me here.
Also note that the response is an AuthenticationError. This suggests that you haven't gone through the Admin Consent process yet. Any application looking to leverage the Client_Credentials OAUTH flow must first have an Admin provide Consent for the Tenant. It isn't clear how you're retrieving your token but if you're using the v2 Endpoint you can follow this walk-though: v2 Endpoint and Admin Consent
In the Facebook API, there is a request that provides details about the application that a particular OAuth access token is for. For example, I could send
http://graph.facebook.com/app?access_token=ABC...123
and it would return information about the application that the access token was generated for. It has a very similar one to get information about the user the access token was generated for.
http://graph.facebook.com/me?access_token=ABC...123
My question pertains to the parallel calls in Microsoft's Live Connect RESTful API. There is a direct equivalent to the /me request that returns the user's unique ID, but I cannot find any documentation for a parallel to the /app request (client in MS terminology).
https://apis.live.net/v5.0/me?access_token=ABC...123
{
"id": "1234abc1a1abc123",
"name": "test test",
"first_name": "test",
"last_name": "test",
"gender": null,
"locale": "en_US"
}
https://apis.live.net/v5.0/app?access_token=ABC...123
{
"error": {
"code": "request_url_invalid",
"message": "The URL contains the path 'app', which isn't supported."
}
}
https://apis.live.net/v5.0/client?access_token=ABC...123
{
"error": {
"code": "request_url_invalid",
"message": "The URL contains the path 'client', which isn't supported."
}
}