Cannot create team - microsoft-graph-api

I'm having issue with the Microsoft Graph API when creating a team on Teams. The only response I got is: Forbidden . With no other error info/description.
The request is the following:
PUT : https://graph.microsoft.com/v1.0/groups/<groupId>/team
header : {
'Accept-Encoding' => 'gzip, deflate, br',
'Authorization' => 'Bearer <tokeSTRING>
}
request parameter : {
"memberSettings": {
"allowCreateUpdateChannels": true
},
"messagingSettings": {
"allowUserEditMessages": true,
"allowUserDeleteMessages": true
},
"funSettings": {
"allowGiphy": true,
"giphyContentRating": "strict"
}
}
The response:
{
"error": {
"code": "Forbidden",
"message": "Forbidden",
"innerError": {
"date": "2020-07-15T09:42:47",
"request-id": "<requestId>"
}
}
}
On Azure I've already gave the Application permissions to create Group/Team as described under the route page : https://learn.microsoft.com/en-us/graph/api/team-put-teams?view=graph-rest-1.0&tabs=http
Anyone having the same issue?


I guess, your request should have following code only
{
"memberSettings": {
"allowCreateUpdateChannels": true
},
"messagingSettings": {
"allowUserEditMessages": true,
"allowUserDeleteMessages": true
},
"funSettings": {
"allowGiphy": true,
"giphyContentRating": "strict"
}
}
Enter the PUT command as usual
https://graph.microsoft.com/v1.0/groups/<groupId>/team

Related

Request sent from Swagger UI not resulting in Postman x-www-form-urlencoded response

I'm currently configuring a Swagger file to utilize OAuth to retrieve tokens from a site. For brevity, I have removed my schemes and most of my paths as those are fine.
{
"openapi": "3.0.2",
"info": {
"title": "swagger",
"version": "1.0.0",
"description": ""
},
"servers": [
{
"url": "url"
}
],
"paths": {
"/oauth_token.do": {
"post": {
"requestBody": {
"required": true,
"content": {
"application/x-www-form-urlencoded": {
"schema": {
"type": "object"
}
}
}
}
}
}
},
"components": {
"securitySchemes": {
"OAuth": {
"type": "oauth2",
"flows": {
"password": {
"tokenUrl": "/oauth_token.do",
"refreshUrl": "/oauth_token.do",
"scopes": {
"useraccount": "utilize user account"
}
}
}
}
}
}
"security": [
{
"OAuth": ["useraccount"]
}
]
}
The endpoint for this API specifies that I should use x-www-form-urlencoded in the header as the Content-Type. When executing this request in Postman, it returns 200 with the desired response.
However, with https://editor.swagger.io I input the same postman request to get the fetch failed error with my Authorize button. To test for this, I created a custom path that specifies that the content should be x-www-form-urlencoded and this also fails.
So, what am I missing in this case? Any help would be appreciated.

I believe the issue was I did not fill out some portions I added on the response for path. Instead I opted to only leave description for the 200 response.
The main error I'm getting now is CORS related which is unrelated to the original question. I'll mark this answered for now.

ADP API Update Worker Information

I am trying to make updates within the ADP Worker API, though I keep getting "403: Invalid Scope" for the error. I am using this reference guide, specifically the People > Personal Information > Personal Profile > Contact > Add Home Phone section.
I can interact with the API through GET requests, though I am unable to POST. I am using the URL:
https://api.adp.com/events/hr/v1/worker.personal-communication.landline.add
Body Payload:
{
"events": [
{
"data": {
"eventContext": {
"worker": {
"associateOID": "exampleID123123"
}
},
"transform": {
"worker": {
"person": {
"communication": {
"landline": {
"areaDialing": "240",
"dialNumber": "4567896"
}
}
}
}
}
},
"links": []
}
]
}
Response:
{
"response": {
"responseCode": 403,
"methodCode": "POST",
"resourceUri": {
"href": "/events/hr/v1/worker.personal-communication.landline.add"
},
"serverRequestDateTime": "2021-09-09T18:26:44.607Z",
"applicationCode": {
"code": 403,
"typeCode": "error",
"message": "Invalid Scope"
},
"client_ip_adddress": "xxx.xx.xxx.xxxx",
"adp-correlationID": "xxxxxxxxx-xxxxxxxxxxx-xxxxxxxxxx"
}
}
Any suggestions? Thank you in advance!

After some searching, I believe the answer to my initial question is that we are required to contact our ADP representative to add the ability to hit the Event API. We only had access to the Worker API, which allowed successful calls previously.

MS Graph API (mail) issue with POST and scopes

Trying to get this to work and GET / Patch work just fine, but POST gives me HTTP STATUS 400 and 403. Must be something with scopes. In Azure AD I have set the following scopes:
Mail.ReadWrite (Delegated)
Mail.ReadWrite (Application)
Mail.Send Delegated)
Mail.Send (Application)
So, signing in works just fine, getting / patching messages as well. Only POST doesnt seem to work.
See code for exact error messages.
Angular10
App.module
export function MSALInstanceFactory(): IPublicClientApplication {
return new PublicClientApplication({
auth: {
clientId: 'xxxx',
authority: 'https://login.microsoftonline.com/common/',
redirectUri: '/',
postLogoutRedirectUri: '/#/login'
},
cache: {
cacheLocation: BrowserCacheLocation.LocalStorage,
storeAuthStateInCookie: isIE, // set to true for IE 11
},
system: {
loggerOptions: {
loggerCallback,
logLevel: LogLevel.Info,
piiLoggingEnabled: false
}
}
});
}
export function MSALInterceptorConfigFactory(): MsalInterceptorConfiguration {
const protectedResourceMap = new Map<string, Array<string>>();
protectedResourceMap.set('https://graph.microsoft.com/v1.0/me', ['user.read', 'mail.readWrite', 'email']);
// also tried these scopes ..
// protectedResourceMap.set('https://graph.microsoft.com/v1.0', ['user.read', 'mail.readWrite', 'email']);
// protectedResourceMap.set('https://graph.microsoft.com/v1.0/query', ['user.read', 'mail.readWrite', 'email']);
// protectedResourceMap.set('https://graph.microsoft.com/v1.0/search/query', ['user.read', 'mail.readWrite', 'email']);
return {
interactionType: InteractionType.Redirect,
protectedResourceMap
};
}
export function MSALGuardConfigFactory(): MsalGuardConfiguration {
return { interactionType: InteractionType.Redirect };
}
#NgModule({
imports: [
BrowserModule,
// etc..
],
declarations: [AppComponent],
providers: [
NgEventBus,
ChhServices,
SynclogService,
AppService,
AuthService,
GapiServices,
{
provide: ErrorHandler,
useClass: ErrorService,
},
{
provide: HTTP_INTERCEPTORS,
useClass: MsalInterceptor,
multi: true
},
{
provide: MSAL_INSTANCE,
useFactory: MSALInstanceFactory
},
{
provide: MSAL_GUARD_CONFIG,
useFactory: MSALGuardConfigFactory
},
{
provide: MSAL_INTERCEPTOR_CONFIG,
useFactory: MSALInterceptorConfigFactory
},
MsalService,
MsalGuard,
MsalBroadcastService
],
bootstrap: [AppComponent],
})
export class AppModule { }
Auth.service
signIn() {
console.log('AuthService::signIn');
this.msalService.loginPopup().subscribe((result) => {
this.accessToken = result['accessToken'];
console.log('authority', result, this.accessToken);
});
}
testGraphApi() {
// 200 OK
const apiGet = this.httpClient.get(`https://graph.microsoft.com/v1.0/me/messages/`).subscribe((data) => {
console.log('get', '/me/messages', data);
});
const categories: any[] = ['custom'];
const body = {
subject: '2320, with tags',
flag: { flagStatus: 'flagged' }, // notFlagged
categories,
body: {
contentType: 'html',
content: 'lalala'
},
inferenceClassification: 'other'
};
const id = 'AQMkADAwATM3ZmYAZS0zOTkANy02MTAwAC0wMAItMDAKAEYAAAM_TfJTK-tISYhjZdaCkkbgBwCPpkVcscQ9QJF-EDzB8h_oAAACAQwAAACPpkVcscQ9QJF-EDzB8h_oAAACHbIAAAA=';
// 200 OK
const apiPatch = this.httpClient.patch(`https://graph.microsoft.com/v1.0/me/messages/${id}`, body).subscribe((data) => {
console.log('patch', '/me/messages', data);
});
const bodySendMail = {
'message': {
'subject': 'Meet for lunch?',
'body': {
'contentType': 'Text',
'content': 'The new cafeteria is open.'
},
// etc..
}
}
const headers = new HttpHeaders({ 'Content-Type': 'application/json', 'Authorization': `Bearer ${this.accessToken}` });
// 403 Forbidden
// "code": "ErrorAccessDenied",
// "message": "Access is denied. Check credentials and try again.",
const apiSendMail = this.httpClient.post(`https://graph.microsoft.com/v1.0/me/sendMail`, bodySendMail, { headers }).subscribe((data) => {
console.log('post', '/me/sendMail', data);
});
const bodySearch = {
'requests': [
{
'entityTypes': [
'message'
],
'query': {
'queryString': 'ref:6019d6bf1ce3425fb833559e'
},
'from': 0,
'size': 5
}
]
}
// 400 Bad Request
// "code": "AuthenticationError",
// "message": "Error authenticating with resource",
const apiSearch = this.httpClient.post(`https://graph.microsoft.com/v1.0/search/query`, bodySearch, { headers }).subscribe((data) => {
console.log('post', '/search/query', data);
});
}

// 403 Forbidden
// "code": "ErrorAccessDenied",
// "message": "Access is denied. Check credentials and try again."
Send mail API needs Mail.Send permission. When requesting /me endpoint which bases the current signed-in user, it should have the delegated permission.
So you need to add Mail.Send of delegated permission in the portal and add it in your code.
// 400 Bad Request
// "code": "AuthenticationError",
// "message": "Error authenticating with resource"
searchEntity: query API needs the Mail.ReadWrite delegated permission. This api only supports "work or school account". A work account typically uses an organization’s custom domain name or company name, such as "jon#contoso.com" or "xxx#yourTenantName.onmicrosoft.com".
You could test to request the api in Graph Explorer.

I am trying to add forwarding rule to the user's mailbox but it is not working asexpected

I am using graph API to add message rule which is forward a mail from user's inbox. Rule is getting added but mails are not forwarding to specified id.
Here are some details:
var data = {
"displayName": "From partner",
"sequence": 1,
"isEnabled": true,
"conditions": {
"isAutomaticForward": true
},
"actions": {
"forwardTo": [
{
"emailAddress": {
"name": "recipient name ",
"address": "email address"
}
}
],
"stopProcessingRules": true
}
}
axios.post("https://graph.microsoft.com/v1.0/users/{userId}/mailFolders/inbox/messageRules", data,
{
headers: {
"Authorization": "Bearer " + access_token
}
}
)
.then(response => {
console.log(response.data)
})
.catch(err => {
console.log(err.response)
})
Response is as expected but mails are not forwarding.

I tried the above payload, steps and it works for me!!
(1) Create a new rule using Graph API
POST https://graph.microsoft.com/v1.0/me/mailFolders/inbox/messageRules
Content-type: application/json
{
"displayName": "From partner",
"sequence": 2,
"isAutomaticForward": true,
"actions": {
"forwardTo": [
{
"emailAddress": {
"name": "Alex Wilbur",
"address": "AlexW#contoso.onmicrosoft.com"
}
}
],
"stopProcessingRules": true
}
}
(2) Test whether the rule is working or not.
Result: It's working as expected
(3) Check that the above rule shows or not (as part of Outlook.office.com or Outlook UI's rule section)
Adding a snapshot that i captured from Outlook.office.com, mailbox settings!!

Error creating live broadcast - NodeJS libs

I'm trying to create a live broadcast using the nodejs client library but I'm getting the following error:
{ Error: Title is required
at Request._callback code: 400,
.
.
.
errors:
[ { domain: 'youtube.liveBroadcast',
reason: 'titleRequired',
message: 'Title is required',
extendedHelp: 'https://developers.google.com/youtube/v3/live/docs/liveBroadcasts/insert#request_body' } ] }
It's working on the API Explorer and that's getting me lost with this one. Here is code:
var google = require('googleapis');
var OAuth2 = google.auth.OAuth2;
var youtube = google.youtube('v3');
var oauth2Client = new OAuth2(
'xxxx', //CLIENT_ID
'xxxx', //MY_CLIENT_SECRET,
'http://localhost:3000/api/integrations/youtube'//YOUR_REDIRECT_URL
);
oauth2Client.setCredentials({
access_token: "xxxx",
refresh_token: "xxxx"
});
broadcastParams = {
"auth": oauth2Client,
"part": "snippet,status,contentDetails",
"snippet": {
"title": "Testing NodeJS",
"scheduledStartTime": "2017-02-20T14:00:00.000Z",
"scheduledEndTime": "2017-02-20T15:00:00.000Z",
},
"status": {
"privacyStatus": "private",
},
"contentDetails": {
"monitorStream": {
"enableMonitorStream": true,
}
}
};
youtube.liveBroadcasts.insert(broadcastParams,
function(err,broadcast) {
if (err) {
return console.log('Error creating broadcast: ', err);
}
console.log('Broadcast = ' + JSON.stringify(broadcast));
});
Thanks for the help!

Got it solved.
My broadcast parameters wasn't correct. I was missing the "resource". Here is the code that is working now:
var google = require('googleapis');
var OAuth2 = google.auth.OAuth2;
var youtube = google.youtube('v3');
var oauth2Client = new OAuth2(
'xxxx', //CLIENT_ID
'xxxx', //MY_CLIENT_SECRET,
'http://localhost:3000/api/integrations/youtube'//YOUR_REDIRECT_URL
);
oauth2Client.setCredentials({
access_token: "xxxx",
refresh_token: "xxxx"
});
broadcastParams = {
"auth": oauth2Client,
"part": "snippet,status,contentDetails",
"resource": {
"snippet": {
"title": "Tesing NodeJS 123",
"scheduledStartTime": "2017-02-20T14:00:00.000Z",
"scheduledEndTime": "2017-02-20T15:00:00.000Z",
},
"status": {
"privacyStatus": "private",
},
"contentDetails": {
"monitorStream": {
"enableMonitorStream": true,
}
}
}
};
youtube.liveBroadcasts.insert(broadcastParams, function(err,broadcast) {
if (err) {
return console.log('Error creating broadcast: ', err);
}
console.log('Broadcast = ' + JSON.stringify(broadcast));
});

Resources