SendMail API throwing 400 - Bad Request - microsoft-graph-api

I am using Microsoft Graph API to send an email on behalf of an admin. The token has the permission Mail.Send at application level. I am getting a 400 - Bad Request as the response.
Request: POST https://graph.microsoft.com/v1.0/me/sendmail
{
"message": {
"subject": "first mail",
"body": {
"contentType": "Text",
"content": "commented commmented"
},
"toRecipients": [{
"emailAddress": {
"address": "Alex#*******"
}
}]
},
"saveToSentItems": "false"
}
Response is 400 - Bad Request:
{
"error": {
"code": "AuthenticationError",
"message": "Error authenticating with resource",
"innerError": {
"request-id": "4c5cc54c-e590-4d9f-903f-4bc9828da707",
"date": "2018-01-19T19:48:11"
}
}
}
I searched all over Stack Overflow but I could not find a solution. Can someone please help me? Thank you in advance.

When using client_credentials you cannot use the /me endpoint. Graph translates requests to /me as /users/{ID of the Authenticated User}. Since you do not have an "Authenticated User" when using Client Credentials (i.e. App-only) you cannot use /me here.
Also note that the response is an AuthenticationError. This suggests that you haven't gone through the Admin Consent process yet. Any application looking to leverage the Client_Credentials OAUTH flow must first have an Admin provide Consent for the Tenant. It isn't clear how you're retrieving your token but if you're using the v2 Endpoint you can follow this walk-though: v2 Endpoint and Admin Consent

Related

Send email for Graph Api works in Postman but not through App in Azure?

I am accessing the Graph Api endpoint:
https://graph.microsoft.com/v1.0/me/sendMail
I retrieve the access token from Graph Explorer and use it as a Bearer token in Postman.
I also set Content-Type in the header to "application/json".
I set the Body as
{
"message": {
"subject": "Meet for lunch?",
"body": {
"contentType": "Text",
"content": "The new cafeteria is open."
},
"toRecipients": [
{
"emailAddress": {
"address": "testuser#acme.com"
}
}
]
}
}
Through Graph Explorer I have given consent for Mail.Send
It works fine in Postman. I set the scope in my c# app as Mail.Send, but when i send the request it gives the error
{StatusCode: 403, ReasonPhrase: 'Forbidden'
What other permission do i need to set ?

Add user in Azure AD using Microsoft Graph API

I am trying to add user using Microsoft graph API.
I have provided the consent for all the permissions required.
POST https://graph.microsoft.com/v1.0/users
Request body that is send to the post request.
{
"accountEnabled": true,
"displayName": "Adele Vance",
"mailNickname": "AdeleV",
"userPrincipalName": "AdeleV#contoso.onmicrosoft.com",
"passwordProfile": {
"forceChangePasswordNextSignIn": true,
"password": "xWwvJ]6NMw+bWH-d"
}
}
Error that is received in response
{
"error": {
"code": "",
"message": "No HTTP resource was found that matches the request URI 'https://outlook.office365.com:444/profile/v1.0/users('CID:0ff49e4749deeaf2')/profile?api-version=AGSV1-internal'.",
"innerError": {
"date": "2021-02-04T10:41:56",
"request-id": "025218e1-191c-464f-adf3-f0cdc5fcebfd",
"client-request-id": "c071d220-2f14-d7fa-956e-cd45ccbdc735"
}
}
}
Is there something that I am missing?
I have also gone through the docs for adding user provided by Microsoft.
https://learn.microsoft.com/en-us/graph/api/user-post-users?view=graph-rest-1.0&tabs=http
What you said in the comment is correct, the document has detailed instructions, it does not support Microsoft personal accounts.
You will have to check the end point are you using to authorize in order to obtain the token.
If you are using a tenant specific end point
https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
client_id=6731de76-14a6-49ae-97bc-6eba6914391e
Try replacing with the common endpoint
https://login.microsoftonline.com/common/oauth....

Create Team, 400 Bad Request, Required functionality is not supported

I'm trying to create a Microsoft Teams team in Migration mode via the Graph API. However I get a 400 response that I can't figure out. The query is shared in the link below.
Shared Query
For those that don't want to view it that way, here is my request:
POST https://graph.microsoft.com/beta/teams
Authorization: Bearer ...
Content-Type: application/json
{
"#microsoft.graph.teamCreationMode": "migration",
"template#odata.bind": "https://graph.microsoft.com/beta/teamsTemplates(\u0027standard\u0027)",
"displayName": "SlackMigrationTest",
"description": "testing slack migrations",
"createdDateTime": "2021-01-14T00:00:00.000Z"
}
I created this based on the microsoft doc here.
The reponse I get is:
The remote server returned an error: (400) Bad Request.
{
"error": {
"code": "BadRequest",
"message": "Required functionality is not supported.",
"innerError": {
"date": "2021-01-20T15:51:21",
"request-id": "dc4189cf-db4a-4a60-a271-f63b5d759a05",
"client-request-id": "dc4189cf-db4a-4a60-a271-f63b5d759a05"
}
}
}
I'm sure its something obvious that I'm missing but any help would be greatly appreciated.
Here you are using the User Context token and trying to make the call. This API call only works in Application context as shown in the below screenshot.
So use Client Credential flow and set Application permissions and then make a call.
As you can see below, it worked for me with App token.
You cannot test it in graph explorer because the Graph Explorer gets user token.

Creating events in calendar with Graph API returns "ResourceNotFound"

I'm trying to create events in my personal calendar (Office 365 account) with Graph API. I create a instance on my tenant on Azure with the following delegated permissions: Calendars.Read, Calendars.ReadWrite, email, offline_access, openid, profile and User.Read.
The oAuth2 sign-in occours as expected and I receive both the bearer_token and the refresh_token, using the /.default scope. But when I try to make the request:
POST /v1.0/me/calendar/events HTTP/1.1
Host: graph.microsoft.com
Authorization: Bearer eyJ0eXAi...
Content-Type: application/json
{
"subject": "Example",
"body": {
"contentType": "text",
"content": "Example description"
},
"start": {
"dateTime": "2020-09-01T12:00:00.000Z",
"timeZone": "America/Sao_Paulo"
},
"end": {
"dateTime": "2020-09-01T13:00:00.000Z",
"timeZone": "America/Sao_Paulo"
},
"location": {
"displayName": "Example location",
"locationUri": "https://example/uri"
}
}
I get this response:
{
"error": {
"code": "ResourceNotFound",
"message": "Resource could not be discovered.",
"innerError": {
"date": "2020-08-31T22:18:15",
"request-id": "f03d0bdf-1a9c-41f4-a236-1c5a41a5d286"
}
}
}
I already had discarted that is a mailbox problem, because with Graph Explorer I can make the request and change my calendar, so I'm willing to think that is a permission problem.
I found out, the problem was not with the Graph request, but with the authentication request.
When you log into Graph API with a coorporative account, the requests to get the bearer_token are:
https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize
https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token.
But when you use a personal account, the endpoints are:
https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize
https://login.microsoftonline.com/consumers/oauth2/v2.0/token.
Using the tenantId will authenticate, but the user data will not be found in the tenant, giving the error I got.

Requesting Microsoft Graph /users/me/sendMail returns 404

We implemented oauth2 microsoft graph integration using node sdk. Mostly we use it for reading and sending emails. We already have some customers using our integration, but there's one customer that we are not able to get / send emails from his account. we get a 404 for everything we try to do using his access/refresh token.
this is one example:
POST https://graph.microsoft.com/v1.0/users/me/sendMail
Content-type: application/json
Content-length: 512
{
"message": {
"subject": "...",
"body": {
"contentType": "Text",
"content": "..."
},
"toRecipients": [
{
"emailAddress": {
"address": "...#....com"
}
}
],
}
}
And the response we are getting is:
{
"statusCode": 404,
"code": "ResourceNotFound",
"message": "Resource could not be discovered.",
"requestId": "b5f8efca-53ff-4cf1-978e-c4f745fcbbc1",
"date": "2018 - 01 - 20 T23: 13: 27.000 Z",
"body": {
"code": "ResourceNotFound",
"message": "Resource could not be discovered.",
"innerError": {
"request-id": "b5f8efca-53ff-4cf1-978e-c4f745fcbbc1",
"date": "2018-01-20T23:13:27"
}
}
}
Looking for some similar issues, we found Office365 API returns 404 on GetCalendars on some accounts
where they say that the customer's mailbox might not be hosted in Office 365.There's a way to check using the requestId if this is the problem with our request? Or there's a way to find out without needing to ask the customer to try to sign in using OWA?
The URL https://graph.microsoft.com/v1.0/users/me/sendMail isn't correct. It should be https://graph.microsoft.com/v1.0/me/sendMail.

Resources