Trying to migrate to V2 of the API, no matter what permissions I request I get the below error.
unauthorized_scope_error&error_description=Scope+%26quot%3Br_liteprofile%26quot%3B+is+not+authorized+for+your+application&state=abc
V1 works fine, I am also unable to set any of the new permissions as defaults in the app configuration as only legacy permissions are available. I am following the Microsoft guide but can not get anything but errors from LinkedIn https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/sign-in-with-linkedin?context=linkedin/consumer/context
https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=[cleitnId]&redirect_uri=[redirect uri]&state=abc&scope=r_liteprofile
Can you write here which permission you are getting ?
you have created new app or old one ?
can you read this in detail, must check which permission you will get as default : https://learn.microsoft.com/en-us/linkedin/consumer/integrations/self-serve/migration-faq?context=linkedin/consumer/context
Related
I am trying to build an app that brings in and renders Jira data in a unique way. I'm trying to follow the following tutorial: here. I'm at step 1: Direct the user to get an authorization call. I set up my app Permissions and Authorization. The authorization url generator created the following url:
https://auth.atlassian.com/authorize?audience=api.atlassian.com&client_id=1SdMM8pTryWCljI1Awm9drfKvnU2BR2H&scope=read%3Ajira-work%20manage%3Ajira-project%20manage%3Ajira-configuration%20read%3Ajira-user%20write%3Ajira-work%20manage%3Ajira-webhook%20manage%3Ajira-data-provider&redirect_uri=https%3A%2F%2Flocalhost%3A4200%2F&state=${YOUR_USER_BOUND_VALUE}&response_type=code&prompt=consent
(I do get a warning: The Jira Service Management API for your app doesn't have any classic scopes. Add classic scopes to your app.Though I do have 7 Jira Api scopes added.)
This is just a dummy app for now that I will use to connect to localhost. When I try to browse the url I get the following page. Is there something that I'm missing that I need to do?
We have a need to post messages programmatically to Teams Channels and found the microsoft.graph.com API that should work for this. Unfortunately the GA release (v1.0) does not support Application Permissions and the only other way to Post a message seems to be to use the ROPC Auth flow, which is not allowed at my company.
After further research I found out that the documentation for the Beta release of this allows for using Application Permissions, which should work great for me. However, even though I added the "Teamwork.Migrate.All" permissions (Granting approved), I am still getting HTTP 401 Unauthorized.
I later found a second documentation page for the Beta release that does NOT specify Application Permissions as allowed for Posting a message in a Channel.
These are the two documentation pages with conflicting information:
https://learn.microsoft.com/en-us/graph/api/channel-post-message?view=graph-rest-beta&tabs=http - Application Permission allowed
https://learn.microsoft.com/en-us/graph/api/chatmessage-post?view=graph-rest-beta&tabs=http - Application Permission NOT allowed
Does someone know what is correct?
Also, is there currently any other way to post messages to Teams Channels programmatically?
Side note, the Bearer token I generate work fine for Getting Channel info, but not for Posting messages.
The first documentation is meant for "Create a new chatMessage in the specified channel", wherein the Second documentation is meant for "Create a new chatMessage in the specified channel or a chat". So there is a difference exists
I am working on an Angular 7 application that uses GraphAPI. I am trying to create an online meeting from this application.
Each time I send a POST request I get 'Forbidden' as response. I have used apis's with Delegated permission before and it works.
Since online meeting requires 'Application Permission' I am not sure where to specify it. Could anyone help me with this?
You specify the permissions in App Registration > your app > settings.
You have a problem with the way you are trying to access the token. I used to get the same error however, got resolved by passing userName and Password as well in the auth request and using grant_type as password.
I have registered my application here.
I have given all permissions to my App in that panel as well.
I specifically need Groups.ReadWrite.All which requires an admin ? requirement I am not sure what this even means.
https://apps.dev.microsoft.com/#/application/
Okay App is registered and redirect url has been copied.
Now I take that redirect url copy it and paste it into the admin panel for apps. At this link at App Registrations
https://portal.azure.com/
I am not sure why I have to register in two different panels, one which gives me a redirect url for my native app and the other that leaves it blank.
Great So then I setup my iOS app to make a graph request. This scope
https://graph.microsoft.com/Calendars.ReadWrite
I need to readwrite groups so I add this permission
https://graph.microsoft.com/Group.ReadWrite.All
It fails to authenticate.
I have checked that I have added the permissions to my app, and I have at this app registration panel https://apps.dev.microsoft.com/#/application/
Then I try to add the same permissions in the
https://portal.azure.com/
it gives me
Unable to Complete Request Validation Error, then doesn't do anything.
I tried to add a non admin permission same error.
So what is going on here ... ?
So even though they told me use the Graph API from now on moving forward in the docs I tried to go back to their office 365 SDK for iOS, it also has problems as I cannot get the pods to work as per instructions.
I am 100% sure after this issue is resolved I will need permissions
Note: I work at as a consultant for a bank so if someone can tell me what the azure administrator at the bank has to do to get my permissions escalated to admin status that would be great....
Thanks
Those are 2 different registrations,
Per this documentation (https://graph.microsoft.io/en-us/docs/authorization/auth_overview), for personal accounts like live.com or outlook.com, use the Azure AD v2.0, and for the enterprise, use the Azure AD.
So, for your case, I believe you need the latter, the azure AD.
For this to happen, as you said, go https://portal.azure.com/ and add the app registration.
In order to do so, you would need to
select "Azure Active Directory" and go "App registrations".
Once you create an app, you would need to select "native" for the iOS, and then under app access, under "required permissions" add "Microsoft Graph" followed by selected permissions you would like.
To answer the note, you would need permissions to create an app at the portal, otherwise, you would need to ask for that permission or have the admin create an app for you.
Some samples are available at https://github.com/microsoftgraph/ios-objectivec-connect-sample and https://github.com/microsoftgraph/ios-swift-connect-sample for iOS samples.
Hope this helps!
Ive previously requested public_profile, user_friends, and email which Facebook will let you use pretty freely in my Swift iOS app but now I'm trying to update the app to request new permissions with loginWithReadPermissions but when it transfers to the login page it just says that I've already granted my app permission and doesn't request the new permissions. Querying the results shows no granted or denied permissions and looking at the Graph Explorer API on the Facebook Developer site shows the same. So I'm looking for suggestions on why my app might not be sending the updated request to the server.
I should note that I'm utilizing the AWS iOS Mobile SDK. I found another answer that overwrites the default Facebook sign in provider to add new permissions to the request but this has the same result.
Also in my output Im seeing the following string which contains all the permissions Im trying to request which makes me think that the request is going out but something else is happening
scope=email%2Cuser_birthday%2Cuser_hometown%2Cuser_friends%2Cpublic_profile%2Cuser_about_me