Microsoft Graph API: 400 when using "invite" endpoint - microsoft-graph-api

I want to send an invitation by mail to customers, so they can download a file from our SharePoint. The request is like this:
https://graph.microsoft.com/v1.0/sites/{{siteId}}/drives/{{driveId}}/root:/Prueba/prueba.txt:/microsoft.graph.invite
With body:
{
  "recipients": [
    {"email": "mail1@mail.com"},
    {"email": "mail2@mail.com"}
  ],
  "message": "Download your file",
  "requireSignIn": true,
  "sendInvitation": true,
  "roles": [ "read" ]
}
If I fill up "recipients" with mails from the organization, everything goes ok.
But when I use external mails (gmail, hotmail, other companies mails, etc), the response is 400 with this body:
{
  "error": {
    "code": "invalidRequest",
    "message": "The request is malformed or incorrect."
  }
}
I suppose we need to configure our SharePoint in a certain way, but Microsoft support couldn't help us. Could anyone suggest any solution?
Thanks!

You can use other mail accounts like Gmail, Yahoo etc. in the recipients property, but before that you need to modify your site settings. Go to SharePoint Admin Center --> Sites --> Active Sites --> select the site you are using, click on the 3 dots just below the "Active sites" heading, select Sharing and set it to Anyone.

Related

Microsoft Graph: insert a message (mail) to user inbox

I have a Microsoft application (with Mail.Read/Write permissions) and I need to insert a mail (.eml extension file) to a user inbox.
Is that possible? I know that with G Suite that can be done using the 'insert' API and was wondering if something similar exists with Graph API.
I'm not talking about sending new mail to the user or about inserting an attachment to existing message in the user inbox, but to insert completely new email to his inbox (without having to go through SPF or whatever checks that take place before mails usually get into end users inboxes).
Looking into Mail section under Graph API documentation wasn't so helpful.
If that's not possible, perhaps there is a workaround?
EDIT: seems like the best option is to use the "send mail" API and specify "saveToSentItems": False. The only issue here is that my application will need to request the Mail.Send permission as well.
Thanks
You don't need to use the send mail API, as all you're doing is creating an item in the mailbox. If you want it to appear as a sent mail (rather than a draft) you do need to set the PidTagMessageFlags extended property (the same as you would in EWS https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-import-items-by-using-ews-in-exchange). Also, if you want it to appear as if it's been sent in the past, there are a few additional extended properties you need to set, e.g.
{
  "Subject": "test1234",
  "Sender": {
    "EmailAddress": {
      "Name": "blah",
      "Address": "blah@blah.com"
    }
  },
  "Body": {
    "ContentType": "HTML",
    "Content": "123Body"
  },
  "SingleValueExtendedProperties": [
    {
      "PropertyId": "Integer 0x0E07",
      "Value": "1"
    },
    {
      "PropertyId": "SystemTime 0x0039",
      "Value": "2019-06-12T10:10:47.2048+10:00"
    },
    {
      "PropertyId": "SystemTime 0x0E06",
      "Value": "2019-06-12T10:10:47.2048+10:00"
    }
  ]
}

Using createLink to share with specific users

I am trying to create a link to share a document with createLink from Microsoft Graph for specific users without using an invite, but it is creating a link with the "Anyone with the link can edit this document" permission.
I'm calling this endpoint:
POST /me/drive/items/{itemId}/createLink
With this request body:
{
  "type": "edit",
  "scope": "anonymous"
}
Am I missing something?
You can't use createLink for sharing with a specific person, you need to use the invite endpoint for that.
The call you're making is responding exactly how you've asked it to and generating a link (createLink) that anyone (anonymous) can access.
If you don't want to send a physical invitation, you can tell OneDrive this by setting the sendInvitation property to false:
POST /me/drive/items/{item-id}/invite
Content-type: application/json
{
  "requireSignIn": true,
  "sendInvitation": false,
  "roles": [ "write", "read"],
  "recipients": [
    {
      "email": "someone@contoso.org"
    }
  ]
}
Please refer to this link: https://learn.microsoft.com/en-us/onedrive/developer/rest-api/api/driveitem_invite
You can share the file with a specific user by adding users in the
"recipients":[{"@odata.type":"microsoft.graph.driveRecipient"}]
parameter. You can set the sendInvitation parameter like "sendInvitation":false to avoid sending the invitation mail.
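A defender-side check for the distinction drawn in these answers (and for sites whose sharing level has been set to Anyone, as in the first answer on this page), as an added example that is not part of the original posts: it scans a permissions listing for anonymous links and for invitations that do not require sign-in. The sample listing is constructed, and the field names (`link.scope`, `link.type`, `roles`, `invitation.signInRequired`) are assumed to follow the Graph permission resource.

```python
import json

# Constructed sample, shaped like the response of
# GET /me/drive/items/{item-id}/permissions (ids and addresses are made up).
SAMPLE_LISTING = json.loads("""
{"value": [
  {"id": "perm-1", "roles": ["write"],
   "link": {"type": "edit", "scope": "anonymous"}},
  {"id": "perm-2", "roles": ["read"],
   "link": {"type": "view", "scope": "anonymous"}},
  {"id": "perm-3", "roles": ["read"],
   "link": {"type": "view", "scope": "organization"}},
  {"id": "perm-4", "roles": ["read"],
   "invitation": {"email": "guest@example.org", "signInRequired": true}},
  {"id": "perm-5", "roles": ["write"],
   "invitation": {"email": "guest2@example.org", "signInRequired": false}},
  {"id": "perm-6", "roles": ["owner"]}
]}
""")


def audit_permissions(listing):
    """Return (permission id, severity, reason) for each risky grant."""
    findings = []
    for perm in listing.get("value", []):
        pid = perm.get("id", "?")
        roles = set(perm.get("roles", []))
        link = perm.get("link") or {}
        invitation = perm.get("invitation") or {}
        if link.get("scope") == "anonymous":
            # The result of createLink with "scope": "anonymous".
            writable = link.get("type") == "edit" or "write" in roles
            findings.append((pid, "high" if writable else "medium",
                             "anyone with the link can "
                             + ("edit" if writable else "view")))
        elif invitation and not invitation.get("signInRequired", False):
            # An invite sent with "requireSignIn": false.
            findings.append((pid, "medium", "invite without sign-in: "
                             + invitation.get("email", "?")))
    return findings


if __name__ == "__main__":
    for finding in audit_permissions(SAMPLE_LISTING):
        print(*finding, sep="\t")
```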

Change Azure AD B2C User Password with Graph API

I'm trying to use the Sample Graph API app to change a user's password but I'm getting:
Error Calling the Graph API Response:
{
  "odata.error": {
    "code": "Authorization_RequestDenied",
    "message": {
      "lang": "en",
      "value": "Insufficient privileges to complete the operation."
    }
  }
}
Graph API Request:
PATCH /mytenant.onmicrosoft.com/users/some-guid?api-version=1.6 HTTP/1.1
client-request-id: ffd564d3-d716-480f-a66c-07b02b0e32ab
date-time-utc: 2017.08.10 03:04 PM
JSON File
{
  "passwordProfile": {
    "password": "Somepassword1$",
    "forceChangePasswordNextLogin": false
  }
}
I've tested updating the user's displayName and that works fine.
{
  "displayName": "Joe Consumer"
}
AD Application Permissions
I've configured my app permissions as described here.
Check out this article. Seems like it has the same symptoms.
Solution 1:
If you are receiving this error when you call the API that includes only read permissions, you have to set permissions in Azure Management Portal.
Go to Azure Management Portal and click Active Directory.
Select your custom AD directory.
Click Applications and select your Application.
Click CONFIGURE and scroll down to the section 'Permissions to other applications'.
Provide required Application Permissions and Delegated Permissions for Windows Azure Active Directory.
Finally save the changes.
Solution 2:
If you are receiving this error when you call the API that includes delete or reset password operations, that is because those operations require the Admin role of Company Administrator. As of now, you can only add this role via the Azure AD PowerShell module.
Find the service principal using Get-MsolServicePrincipal -AppPrincipalId
Get-MsolServicePrincipal | ft DisplayName, AppPrincipalId -AutoSize
Use Add-MsolRoleMember to add it to Company Administrator role
$clientIdApp = 'your-app-id'
$webApp = Get-MsolServicePrincipal -AppPrincipalId $clientIdApp
Add-MsolRoleMember -RoleName "Company Administrator" -RoleMemberType ServicePrincipal -RoleMemberObjectId $webApp.ObjectId
To connect to your B2C tenant via PowerShell you will need a local admin account. This blog post should help with that, see "The Solution" section.
Try below settings, works for me.
Used the below JSON
{
  "accountEnabled": true,
  "signInNames": [
    {
      "type": "emailAddress",
      "value": "kart.kala1@test.com"
    }
  ],
  "creationType": "LocalAccount",
  "displayName": "Joe Consumer",
  "mailNickname": "joec",
  "passwordProfile": {
    "password": "P#$$word!",
    "forceChangePasswordNextLogin": false
  },
  "passwordPolicies": "DisablePasswordExpiration",
  "givenName": "Joe"
}
Also make sure you assign the application the user account, administrator role which will allow it to delete users link here

Google My Business API fails

Getting a strange error message and there is literally nothing on it anywhere I look. Granted access to Google My Business API, followed directions here;
https://developers.google.com/my-business/content/get-started
All went well, but the expected 200 response was actually the below;
{
  "error": {
    "status": "PERMISSION_DENIED",
    "message": "The request was blocked. Quota configuration not found for the requesting project.",
    "code": 403,
    "details": [
      {
        "violations": [
          {
            "description": "The request was blocked. Quota configuration not found for the requesting project.",
            "subject": "project:XXXXXXXXXX"
          }
        ],
        "@type": "type.googleapis.com/google.rpc.QuotaFailure"
      }
    ]
  }
}
Anyone have any idea how to add quotas in Google Developer console, or, alternately, if this message is a result of expired permissions perhaps? (Granted access in Feb, did not use until now?)
This is what you get when the project in question does not have Google My Business API access, as granted through their official process etc. When I used the correct project I got a 200 and all is well.
So sayeth the GMB folks themselves, who answered my email same day!

Google+ Domains API Not Configured

When I try to post an activity to Google+ I get the error:
{
  "error": {
    "code": 403,
    "message": "Access Not Configured. The API (Google+ Domains API) is not enabled for your project. Please use the Google Developers Console to update your configuration.",
    "errors": [
      {
        "domain": "usageLimits",
        "message": "Access Not Configured. The API (Google+ Domains API) is not enabled for your project. Please use the Google Developers Console to update your configuration.",
        "reason": "accessNotConfigured",
        "extendedHelp": "https://console.developers.google.com"
      }
    ]
  }
}
I know this question has been asked before here, but I have a different message in my error. I've also enabled Google Domains API in the console. I'm using a Gmail account and I also receive circles and contacts information with the following scopes:
https://www.googleapis.com/auth/userinfo.email
https://www.google.com/m8/feeds
https://www.googleapis.com/auth/plus.login
https://www.googleapis.com/auth/plus.stream.write
https://www.googleapis.com/auth/plus.me
My Post body is:
{
  "object": {
    "originalContent": "Happy Monday! #caseofthemondays"
  },
  "access": {
    "items": [
      {
        "type": "domain"
      }
    ],
    "domainRestricted": true
  }
}
Found out this feature is only available for Google Apps customers not anyone else.
Reference
Have you created (or using) the API_KEYs in your Google project?
If not, go to Google developer console and select the credentials section under APIs & Auth and create the API key relevant for your application.
If you already have a key, try regenerating a new one
