microsoft graph api assign license giving error - microsoft-graph-api

I am trying to assign license to a user with Office 365 business premium skuid but getting following error.
Request body:
{
"addLicenses": [
{
"skuId": "skuid"
}
],
"removeLicenses": []
}
Response
{
"error": {
"code": "Request_BadRequest",
"message": "Another object with the same value for property proxyAddresses already exists.",
"innerError": {
"request-id": "b94663b1-f58f-4e30-a457-3db66a0f0b51",
"date": "2020-03-13T11:22:35"
},
"details": [
{
"target": "proxyAddresses",
"code": "ObjectConflict"
}
]
}
}
But the user whom I am assigning license is unique.
Any help is much appreciated.

I can reproduce your issue via the following steps:
I already have a user account: allen3#tenant.onmicrosoft.com. It has an alias (proxyAddress): allenwu#tenant.onmicrosoft.com.
Now I create a new account through Microsoft Graph API with allenwu#tenant.onmicrosoft.com as the userPrincipalName.
POST https://graph.microsoft.com/v1.0/users
Content-type: application/json
{
"accountEnabled": true,
"displayName": "allent3",
"mailNickname": "allent3",
"userPrincipalName": "allenwu#tenant.onmicrosoft.com",
"passwordProfile" : {
"forceChangePasswordNextSignIn": false,
"password": "password-value"
}
}
The magic happened: the account was created successfully!
But when I assign license to the account allenwu#tenant.onmicrosoft.com with Microsoft Graph API, it gives me the same error as yours.
So I think this error prompt is reasonable. (Although it is unreasonable for the account to be created successfully.)
Please check if your tenant has the same problem as me. Hope it's helpful.

Related

Microsoft Graph returns "Internal Server Error" on request?

I am trying to get my Microsoft Teams assignments through Microsoft Graph. I submit this GET request https://graph.microsoft.com/beta/education/me/classes/{id}/assignments as shown in the docs, with my authentication token as a header. However, below is the reply I get. I am doing this with python, however I have also tried from Graph Explorer which yields the same result.
{
"error": {
"code": "InternalServerError",
"message": "Object reference not set to an instance of an object.",
"innerError": {
"date": "2020-09-07T16:44:48",
"request-id": "011086a0-9240-4896-9363-d403a1a0fb05"
}
}
}
Does anybody have any insight? Is this a problem with Microsoft?
You need to remove the /me. The correct URI is https://graph.microsoft.com/beta/education/classes/{id}/assignments.
From the documentation
POST https://graph.microsoft.com/beta/education/classes/11019/assignments
Content-type: application/json
Content-length: 279
{
"dueDateTime": "2014-02-01T00:00:00Z",
"displayName": "Midterm 1",
"instructions": {
"contentType": "text",
"content": "Read chapters 1 through 3"
},
"grading": {
"#odata.type": "#microsoft.education.assignments.api.educationAssignmentPointsGradeType",
"maxPoints": 100
},
"assignTo": {
"#odata.type": "#microsoft.education.assignments.api.educationAssignmentClassRecipient"
},
"status":"draft",
"allowStudentsToAddResourcesToSubmission": true
}

Error "FeatureNotEnabled" on POST /teamwork/workforceIntegrations

I've developed a simple Workforce Integration into Shifts App. The registration fails with an error that the feature is not enabled. Do I need to enable the integration capability on my tenant? I looked through the deployment guide for Kronos integration, but was not able to find anything.
Request:
{
"displayName": "CustomAutoDecline",
"apiVersion": 1,
"encryption": {
"protocol": "sharedSecret",
"secret": "<64 chars>"
},
"isActive": true,
"url": "https://<myurl>",
"supports": "Shift, SwapRequest"
}
Response:
{
"error": {
"code": "Forbidden",
"message": "{\"error\":{\"code\":\"Forbidden\",\"message\":\"Sorry, this feature is not enabled for your team\",\"details\":[],\"innererror\":{\"code\":\"FeatureNotEnabled\"}}}",
"innerError": {
"request-id": "ea894386-6268-47f6-9a38-751a11e996e0",
"date": "2020-04-07T19:30:13"
}
}
}
Thanks in advance
Figured out that the API is actually in preview that why you need your tenant being whitelisted to be able to use the API.

How to fix "Unsupported AAD Identity" when create a call from webapp?

When I call this from my web app, I'm getting an error code 9000 - "Unsupported AAD Identity".
POST https://graph.microsoft.com/beta/app/calls
request header:
{
"Content-type" => "application/json",
"Authorization" => "Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IkFRQUJBQUFBQUFBUDB3TGxxZExWVG9PcEE0a3d6U254TkY3UDFxM05tT0xEOHZJVXk0NmFtVWRaV1ZhbGdFUWx2Vkw4Mmp4cS1tZFpwOWdiY1kwdVB4U3ctOGlGd3JRM00zUWlBS29KS08zRzN3czNsNlFmZXlBQSIsImFsZyI6IlJTMjU2IiwieDV0IjoidTRPZk5GUEh3RUJvc0hqdHJhdU9iVjg0TG5ZIiwia2lkIjoidTRPZk5GUEh3RUJvc0hqdHJhdU9iVjg0TG5ZIn0.eyJhdWQiOiJodHRwczovL2dyYXBoLm1pY3Jvc29mdC5jb20iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC81NGRkYWJiMS1kNjU5LTRhZmYtODNkZi1kYzUwODk2OTI3YjgvIiwiaWF0IjoxNTYzODQxMTQ2LCJuYmYiOjE1NjM4NDExNDYsImV4cCI6MTU2Mzg0NTA0NiwiYWNjdCI6MCwiYWNyIjoiMSIsImFpbyI6IkFTUUEyLzhNQUFBQWlhS2hob3hBalByVHJsOEZVc0w0Q2Y2Zkc4M2x4YVpIWXVYOTJaT0w5eDQ9IiwiYW1yIjpbInB3ZCIsInJzYSJdLCJhcHBfZGlzcGxheW5hbWUiOiJNeSBSdWJ5IEFwcCIsImFwcGlkIjoiYTFlMjliY2YtODYxOS00ZjVjLWEzMjAtNmY2N2QzMGZiOTlkIiwiYXBwaWRhY3IiOiIxIiwiZGV2aWNlaWQiOiJjMThiZDJmYS05YzhkLTRlOGItYTUwMi1lYWFlMmI2YzM1NjYiLCJmYW1pbHlfbmFtZSI6IuWFqOS9kyIsImdpdmVuX25hbWUiOiLnrqHnkIbogIUiLCJpcGFkZHIiOiIxNTMuMTU2Ljg5LjYzIiwibmFtZSI6IuWFqOS9kyDnrqHnkIbogIUiLCJvaWQiOiIwZGFmMzVhNS1jZjUyLTQ0ODMtYmM0NS0xM2ExYTBlYWE5Y2MiLCJwbGF0ZiI6IjMiLCJwdWlkIjoiMTAwMzIwMDA0OTE0QkVDMCIsInNjcCI6IkNhbGVuZGFycy5SZWFkIERpcmVjdG9yeS5BY2Nlc3NBc1VzZXIuQWxsIERpcmVjdG9yeS5SZWFkLkFsbCBlbWFpbCBHcm91cC5SZWFkLkFsbCBHcm91cC5SZWFkV3JpdGUuQWxsIG9wZW5pZCBwcm9maWxlIFVzZXIuUmVhZCBVc2VyLlJlYWQuQWxsIFVzZXIuUmVhZEJhc2ljLkFsbCIsInNpZ25pbl9zdGF0ZSI6WyJrbXNpIl0sInN1YiI6IktIZ3dXcEdHMWRRdHlUSGplU3pfQ1RPWk03b0w1bHRocWFUclRSbi1ucm8iLCJ0aWQiOiI1NGRkYWJiMS1kNjU5LTRhZmYtODNkZi1kYzUwODk2OTI3YjgiLCJ1bmlxdWVfbmFtZSI6ImFkbWluQGV4ZW9kZXYuaXRlZS5jby5qcCIsInVwbiI6ImFkbWluQGV4ZW9kZXYuaXRlZS5jby5qcCIsInV0aSI6IlVPRURPdnAzWEVTUU9rckU0dEFFQUEiLCJ2ZXIiOiIxLjAiLCJ3aWRzIjpbIjYyZTkwMzk0LTY5ZjUtNDIzNy05MTkwLTAxMjE3NzE0NWUxMCIsImY3MDkzOGEwLWZjMTAtNDE3Ny05ZTkwLTIxNzhmODc2NTczNyJdLCJ4bXNfc3QiOnsic3ViIjoiS2Mwc1JER3hHZFV5eDR6Qk1ucm9XWDhkNVpBTjVKN1EwSTh5SWZnUUhZZyJ9LCJ4bXNfdGNkdCI6MTU1ODMxNTU3OH0.cQmQLHWUfs8iOOPHf5SmWJYgsjQqLjZq9W5pKZzwRBtiQoOsUHILZkGYKz7_jx0bW-p87Cq6mFzswnoK30smEH6l7VW-gkzrxc2JFuDh-nKvfemTKnI3O_ZjtrEJNp-sWZF5Enm28Mg5Lh4hfBrSiROO8b0gAMytLWx9Qjy3H5x_zzdy34D1B1O8nCFrx217olDzarDCd6KqPtfCqoS00mWqCIwlEvHSi7OCtBV0HaUEl07-hi9hovu-uaHTLRW50fFP9hfoWYOz5qRyidpGNRtR26rUtexlOXtceZKYv5fD_VFNiBdT7d06EiK58UBib08eHjcvNJ6NEhcW0xTOxA"
}
request body:
{
"callbackUri": "https://bot.contoso.com/api/calls",
"mediaConfig": {
"#odata.type": "#microsoft.graph.serviceHostedMediaConfig",
"preFetchMedia": [
{
"uri": "https://cdn.contoso.com/beep.wav",
"resourceId": "1D6DE2D4-CD51-4309-8DAA-70768651088E"
},
{
"uri": "https://cdn.contoso.com/cool.wav",
"resourceId": "1D6DE2D4-CD51-4309-8DAA-70768651088F"
}
]
},
"source": {
"identity": {
"application": {
"id": "RealAppId"
}
},
"languageId": "languageId-value",
"region": "region-value"
},
"subject": "Test Call",
"targets": [
{
"identity": {
"user": {
"id": "RealTargetUserId",
"tenantId": "RealTenantId",
"displayName": "RealName"
}
}
}
],
"tenantId": "tenantId-value"
}
response:
{
"error": {
"code": "UnknownError",
"message": "{
"errorCode": "9000",
"message": "Unsupported AAD Identity.",
"instanceAnnotations": []
}",
"innerError": {
"request-id": "RealRequestId",
"date": "2019-07-23T00:25:12"
}
}
}
I n the request body, RealTargetUserId is an Azure ActiveDirectory UserID with an E1 license provisioned. RealAppId is the registered application id and with Permissions as follows:
Calls.AccessMedia.All
Calls.Initiate.All
Calls.InitiateGroupCall.All
Calls.JoinGroupCall.All
Calls.JoinGroupCallAsGuest.All
According to the documentation, you need one of the following Application scopes to create a call: Calls.JoinGroupCallsasGuest.All, Calls.JoinGroupCalls.All, Calls.Initiate.All, Calls.InitiateGroupCalls.All.
The authentication token you're using, however, is using Delegated scopes. This tells me you're either using OAuth's Authentication Code or Implicit grant flows. Neither of these will work for this operation.
In order to use this endpoint, you'll need to request an App-Only token using the OAuth Client Credentials grant. There are instructions on how to do this in the documentation: Get access without a user.
Also, you're over-requesting permission scopes. For example, there is no need to request User.Read, User.Read.All, and User.ReadBasic.All, you only need User.Read.All to accomplish the same thing. The same goes for Group.Read.All and Group.ReadWrite.All.
To fix issues with "Application is not registered in our store" you need to make sure that you use a Bot Channel Registration instead of just a normal App Registration.
The Bot Channel Registration should also have Microsoft Teams as a registered channel and have calling enabled.
For more information see: https://microsoftgraph.github.io/microsoft-graph-comms-samples/docs/articles/calls/register-calling-bot.html
The final step about adding the bot in teams can be skipped if you only care about API access.

Youtube API: Comment Insert 403 forbidden insufficient permissions

I'm using the API explorer at the bottom of https://developers.google.com/youtube/v3/docs/commentThreads/insert to test this call. I am requesting the scope https://www.googleapis.com/auth/youtube.force-ssl. Appreciate any help!
REQUEST:
POST https://www.googleapis.com/youtube/v3/commentThreads?part=id%2Csnippet&fields=id&key={YOUR_API_KEY}
{
"snippet": {
"topLevelComment": {
"snippet": {
"textOriginal": "comment from gdev"
}
},
"videoId": "B5BypNLbBgQ",
"channelId": "UCNqqFgLtbSjc9Er7XFv4wbA"
}
}
RESPONSE:
{
"error": {
"errors": [
{
"domain": "youtube.commentThread",
"reason": "forbidden",
"message": "The comment thread could not be created due to insufficient permissions. The request might not be properly authorized.",
"locationType": "other",
"location": "body"
}
],
"code": 403,
"message": "The comment thread could not be created due to insufficient permissions. The request might not be properly authorized."
}
}
The video was private.... Worked fine on a public video.
I had a similar problem. I needed to set the token in the header. the request body needs to have:
part: "snippet"
I think you also would need to set a header of:
Authorization: 'Bearer ' + access_token
I uploaded a video and by default the comments were disabled. Once I changed to "Allow all comments" I could post via the API.

branding settings error youtube api

I have to update the featured video of my channel using youtube api.
When I sent PUT request using api explorer of the form
PUT https://www.googleapis.com/youtube/v3/channels?part=brandingSettings&key={YOUR_API_KEY}
{
"brandingSettings": {
"channel": {
"featuredChannelsTitle": "featured channel",
"featuredChannelsUrls": [
"http://www.youtube.com/user/channelname"
]
}
},
"id": "channelId"
}
I am getting response as follows
404 Not Found
- Show headers -
{
"error": {
"errors": [
{
"domain": "youtube.channel",
"reason": "channelNotFound",
"message": "Channel branding options not found.",
"locationType": "parameter",
"location": "id"
}
],
"code": 404,
"message": "Channel branding options not found."
}
}
Please let me know where I am going wrong.
I was giving the wrong channel ID. But now I am trying with the correct Channel Id, and I am getting yet another error message.
Content-Type: application/json
Authorization: Bearer ya29.1.AADtN_X2UP_3BfFvUwAkvLp0d0mk1U-itJNVtWMPEJQU8G7INQ5q-UpI1yNMYniiLQ
X-JavaScript-User-Agent: Google APIs Explorer
{
"id": channelId,
"brandingSettings": {
"channel": {
"featuredChannelsUrls": [
" http://www.youtube.com/user/USERNAME"
],
"featuredChannelsTitle": "Featured Channels"
}
}
}
Response is 400 Bad Request
- Show headers -
{
"error": {
"errors": [
{
"domain": "youtube.channel",
"reason": "brandingValidationError",
"message": "Channel branding validation failed.",
"locationType": "parameter",
"location": "brandingSettings"
}
],
"code": 400,
"message": "Channel branding validation failed."
}
}
If you can provide me a sample request it would be really helpful
As it says in the error message, it couldn't find the channel, make sure you are giving the right channel id.
The way to do it in API, do a channels->list request and use that response object, modify it and put it back. (Most important make sure the id is there and set.)

Resources