The requested user 'chrisb#domainname.com' is invalid - microsoft-graph-api

Microsoft Graph sometimes returns a strange result
Client Error:
GET https://graph.microsoft.com/v1.0/me/calendars resulted in a 404 Not Found
{
"error": {
"code": "ErrorInvalidUser",
"message": "The requested user 'chrisb#domain_name.com' is invalid.",
"innerError": {
"request-id": "c229f76d-a9d0-4441-b663-b34f4996cddb",
"date": "2017-11-21T01:23:18"
}
}
}
That issue seems to be strange for me, since I know the user exists since I can login under it.
What I do:
I use stored refresh token to get access token.
Using that access token I try to get list of all user calendars.
At that point it return me fail message.
Question:
What does that error mean - since user is 100% present at Microsoft (I able to get auth token from refresh token and able to login under that user)

I had faced same issue for some MS users only whom specially has very old account, I was passing email of microsoft user like : following
let userInfo = {email: user.email}
let apiParams = {token: access_token, event: newEvent,calendarId: msUserInfo.calendarId, user:userInfo}
Solution:
After I had issue, I have remove 'user' parameter from api and it works for me.
I have set now as following.
I have used Node, node-outlook
const outlook = require('node-outlook');
let newEvent = {
"Subject": objUpdate.title,
"Body": {
"ContentType": "HTML",
"Content": objUpdate.description
},
"Start": {
"DateTime": moment('startDate').toISOString(),
"TimeZone": objUpdate.timeZone
},
"End": {
"DateTime": moment('endDate').toISOString(),
"TimeZone": objUpdate.timeZone
}
};
outlook.calendar.createEvent({token: access_token, event: newEvent ,calendarId: msUserInfo.calendarId
},async function(error, result){
if (error) {
console.log("error: -",error)
throw "Microsoft Calendar Api Err."
}else if (result) {
console.log("Result -")
}
});

Related

Microsoft Teams cloud calling/graph-is there a way to have a bot add a PSTN participant to a meeting?

Using the C# calling SDK for Graph, I can join a bot to a meeting, and add participants by GUID from the same tenant. Where this falls apart though is adding a participant from PSTN/direct routing. If I have a regular user add a participant, I see this update:
"#odata.type": "#microsoft.graph.participant",
"info": {
"#odata.type": "#microsoft.graph.participantInfo",
"identity": {
"#odata.type": "#microsoft.graph.identitySet",
"phone": {
"#odata.type": "#microsoft.graph.identity",
"id": "+19054181287",
"identityProvider": "None"
}
},
"endpointType": "default"
},
Seems reasonable enough, so I tried adding a participant like this:
InvitationParticipantInfo target = new InvitationParticipantInfo { Identity = new IdentitySet(), };
target.Identity.SetInAdditionalData("phone", new Identity() { Id = targetID });
target.Identity.AdditionalData["phone"].SetInAdditionalData("tenantId", m_tenantID);
target.Identity.AdditionalData["phone"].SetInAdditionalData("identityProvider", "None");
target.EndpointType = EndpointType.Default;
await call1.Participants.InviteAsync(new List<InvitationParticipantInfo>() { target });
Which generates a request that looks like this (interesting that the identityProvider changed):
"participants": [
{
"#odata.type": "#microsoft.graph.invitationParticipantInfo",
"identity": {
"#odata.type": "#microsoft.graph.identitySet",
"phone": {
"#odata.type": "#microsoft.graph.identity",
"id": "+19054181287",
"tenantId": "8c6ae172-a3ea-4f50-994d-a0256822697f",
"identityProvider": "(Generic: l3QstqQ1)"
}
},
"endpointType": "default"
}
And that comes back with this:
Action failed: 81bd4426-7200-4c50-acba-f17b7a987322
exception: Code: 7505
Message: Request authorization tenant mismatch.
Scenario Id: 46ffbff3-bf9f-4b6d-a639-974c07b959dc
Inner error:
AdditionalData:
date: 2020-10-13T18:45:30
request-id: 5d152942-dc10-4baa-bb28-48bf991f944b
client-request-id: 83f84370-3708-4e3c-a34d-2f69bd8eb8a7
Given that the meeting organizer has permissions for PSTN dialout, as do invitees, is there a reason that a bot shouldn't be able to add a participant like this? What's interesting is that something very similar does work for redirecting/transferring incoming PSTN calls. The "Request authorization tenant mismatch" seems like a red herring (since it's all the same tenant)-is this just a case of "not supported right now"? I know PSTN calls from bots are (still) not officially supported, but I was curious whether anyone had a way to make this work?

microsoft graph api assign license giving error

I am trying to assign license to a user with Office 365 business premium skuid but getting following error.
Request body:
{
"addLicenses": [
{
"skuId": "skuid"
}
],
"removeLicenses": []
}
Response
{
"error": {
"code": "Request_BadRequest",
"message": "Another object with the same value for property proxyAddresses already exists.",
"innerError": {
"request-id": "b94663b1-f58f-4e30-a457-3db66a0f0b51",
"date": "2020-03-13T11:22:35"
},
"details": [
{
"target": "proxyAddresses",
"code": "ObjectConflict"
}
]
}
}
But the user whom I am assigning license is unique.
Any help is much appreciated.
I can reproduce your issue via the following steps:
I already have a user account: allen3#tenant.onmicrosoft.com. It has an alias (proxyAddress): allenwu#tenant.onmicrosoft.com.
Now I create a new account through Microsoft Graph API with allenwu#tenant.onmicrosoft.com as the userPrincipalName.
POST https://graph.microsoft.com/v1.0/users
Content-type: application/json
{
"accountEnabled": true,
"displayName": "allent3",
"mailNickname": "allent3",
"userPrincipalName": "allenwu#tenant.onmicrosoft.com",
"passwordProfile" : {
"forceChangePasswordNextSignIn": false,
"password": "password-value"
}
}
The magic happened: the account was created successfully!
But when I assign license to the account allenwu#tenant.onmicrosoft.com with Microsoft Graph API, it gives me the same error as yours.
So I think this error prompt is reasonable. (Although it is unreasonable for the account to be created successfully.)
Please check if your tenant has the same problem as me. Hope it's helpful.

How to fix "Unsupported AAD Identity" when create a call from webapp?

When I call this from my web app, I'm getting an error code 9000 - "Unsupported AAD Identity".
POST https://graph.microsoft.com/beta/app/calls
request header:
{
"Content-type" => "application/json",
"Authorization" => "Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6IkFRQUJBQUFBQUFBUDB3TGxxZExWVG9PcEE0a3d6U254TkY3UDFxM05tT0xEOHZJVXk0NmFtVWRaV1ZhbGdFUWx2Vkw4Mmp4cS1tZFpwOWdiY1kwdVB4U3ctOGlGd3JRM00zUWlBS29KS08zRzN3czNsNlFmZXlBQSIsImFsZyI6IlJTMjU2IiwieDV0IjoidTRPZk5GUEh3RUJvc0hqdHJhdU9iVjg0TG5ZIiwia2lkIjoidTRPZk5GUEh3RUJvc0hqdHJhdU9iVjg0TG5ZIn0.eyJhdWQiOiJodHRwczovL2dyYXBoLm1pY3Jvc29mdC5jb20iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC81NGRkYWJiMS1kNjU5LTRhZmYtODNkZi1kYzUwODk2OTI3YjgvIiwiaWF0IjoxNTYzODQxMTQ2LCJuYmYiOjE1NjM4NDExNDYsImV4cCI6MTU2Mzg0NTA0NiwiYWNjdCI6MCwiYWNyIjoiMSIsImFpbyI6IkFTUUEyLzhNQUFBQWlhS2hob3hBalByVHJsOEZVc0w0Q2Y2Zkc4M2x4YVpIWXVYOTJaT0w5eDQ9IiwiYW1yIjpbInB3ZCIsInJzYSJdLCJhcHBfZGlzcGxheW5hbWUiOiJNeSBSdWJ5IEFwcCIsImFwcGlkIjoiYTFlMjliY2YtODYxOS00ZjVjLWEzMjAtNmY2N2QzMGZiOTlkIiwiYXBwaWRhY3IiOiIxIiwiZGV2aWNlaWQiOiJjMThiZDJmYS05YzhkLTRlOGItYTUwMi1lYWFlMmI2YzM1NjYiLCJmYW1pbHlfbmFtZSI6IuWFqOS9kyIsImdpdmVuX25hbWUiOiLnrqHnkIbogIUiLCJpcGFkZHIiOiIxNTMuMTU2Ljg5LjYzIiwibmFtZSI6IuWFqOS9kyDnrqHnkIbogIUiLCJvaWQiOiIwZGFmMzVhNS1jZjUyLTQ0ODMtYmM0NS0xM2ExYTBlYWE5Y2MiLCJwbGF0ZiI6IjMiLCJwdWlkIjoiMTAwMzIwMDA0OTE0QkVDMCIsInNjcCI6IkNhbGVuZGFycy5SZWFkIERpcmVjdG9yeS5BY2Nlc3NBc1VzZXIuQWxsIERpcmVjdG9yeS5SZWFkLkFsbCBlbWFpbCBHcm91cC5SZWFkLkFsbCBHcm91cC5SZWFkV3JpdGUuQWxsIG9wZW5pZCBwcm9maWxlIFVzZXIuUmVhZCBVc2VyLlJlYWQuQWxsIFVzZXIuUmVhZEJhc2ljLkFsbCIsInNpZ25pbl9zdGF0ZSI6WyJrbXNpIl0sInN1YiI6IktIZ3dXcEdHMWRRdHlUSGplU3pfQ1RPWk03b0w1bHRocWFUclRSbi1ucm8iLCJ0aWQiOiI1NGRkYWJiMS1kNjU5LTRhZmYtODNkZi1kYzUwODk2OTI3YjgiLCJ1bmlxdWVfbmFtZSI6ImFkbWluQGV4ZW9kZXYuaXRlZS5jby5qcCIsInVwbiI6ImFkbWluQGV4ZW9kZXYuaXRlZS5jby5qcCIsInV0aSI6IlVPRURPdnAzWEVTUU9rckU0dEFFQUEiLCJ2ZXIiOiIxLjAiLCJ3aWRzIjpbIjYyZTkwMzk0LTY5ZjUtNDIzNy05MTkwLTAxMjE3NzE0NWUxMCIsImY3MDkzOGEwLWZjMTAtNDE3Ny05ZTkwLTIxNzhmODc2NTczNyJdLCJ4bXNfc3QiOnsic3ViIjoiS2Mwc1JER3hHZFV5eDR6Qk1ucm9XWDhkNVpBTjVKN1EwSTh5SWZnUUhZZyJ9LCJ4bXNfdGNkdCI6MTU1ODMxNTU3OH0.cQmQLHWUfs8iOOPHf5SmWJYgsjQqLjZq9W5pKZzwRBtiQoOsUHILZkGYKz7_jx0bW-p87Cq6mFzswnoK30smEH6l7VW-gkzrxc2JFuDh-nKvfemTKnI3O_ZjtrEJNp-sWZF5Enm28Mg5Lh4hfBrSiROO8b0gAMytLWx9Qjy3H5x_zzdy34D1B1O8nCFrx217olDzarDCd6KqPtfCqoS00mWqCIwlEvHSi7OCtBV0HaUEl07-hi9hovu-uaHTLRW50fFP9hfoWYOz5qRyidpGNRtR26rUtexlOXtceZKYv5fD_VFNiBdT7d06EiK58UBib08eHjcvNJ6NEhcW0xTOxA"
}
request body:
{
"callbackUri": "https://bot.contoso.com/api/calls",
"mediaConfig": {
"#odata.type": "#microsoft.graph.serviceHostedMediaConfig",
"preFetchMedia": [
{
"uri": "https://cdn.contoso.com/beep.wav",
"resourceId": "1D6DE2D4-CD51-4309-8DAA-70768651088E"
},
{
"uri": "https://cdn.contoso.com/cool.wav",
"resourceId": "1D6DE2D4-CD51-4309-8DAA-70768651088F"
}
]
},
"source": {
"identity": {
"application": {
"id": "RealAppId"
}
},
"languageId": "languageId-value",
"region": "region-value"
},
"subject": "Test Call",
"targets": [
{
"identity": {
"user": {
"id": "RealTargetUserId",
"tenantId": "RealTenantId",
"displayName": "RealName"
}
}
}
],
"tenantId": "tenantId-value"
}
response:
{
"error": {
"code": "UnknownError",
"message": "{
"errorCode": "9000",
"message": "Unsupported AAD Identity.",
"instanceAnnotations": []
}",
"innerError": {
"request-id": "RealRequestId",
"date": "2019-07-23T00:25:12"
}
}
}
I n the request body, RealTargetUserId is an Azure ActiveDirectory UserID with an E1 license provisioned. RealAppId is the registered application id and with Permissions as follows:
Calls.AccessMedia.All
Calls.Initiate.All
Calls.InitiateGroupCall.All
Calls.JoinGroupCall.All
Calls.JoinGroupCallAsGuest.All
According to the documentation, you need one of the following Application scopes to create a call: Calls.JoinGroupCallsasGuest.All, Calls.JoinGroupCalls.All, Calls.Initiate.All, Calls.InitiateGroupCalls.All.
The authentication token you're using, however, is using Delegated scopes. This tells me you're either using OAuth's Authentication Code or Implicit grant flows. Neither of these will work for this operation.
In order to use this endpoint, you'll need to request an App-Only token using the OAuth Client Credentials grant. There are instructions on how to do this in the documentation: Get access without a user.
Also, you're over-requesting permission scopes. For example, there is no need to request User.Read, User.Read.All, and User.ReadBasic.All, you only need User.Read.All to accomplish the same thing. The same goes for Group.Read.All and Group.ReadWrite.All.
To fix issues with "Application is not registered in our store" you need to make sure that you use a Bot Channel Registration instead of just a normal App Registration.
The Bot Channel Registration should also have Microsoft Teams as a registered channel and have calling enabled.
For more information see: https://microsoftgraph.github.io/microsoft-graph-comms-samples/docs/articles/calls/register-calling-bot.html
The final step about adding the bot in teams can be skipped if you only care about API access.

Can't Delete Youtube Subscription With API

I have the code setup for the Youtube API with oauth login. Login appears to work properly. I can even see the requests hitting my analytics. However, when I run the code to unsubscribe from a channel, it never works on any channel ID I give it. It should be noted that I'm using the exact example from googles dev docs(see "full sample" option for javascript)... I'm guessing the code is correct and this is some other auth/lookup problem.
API code:
alert("deleting steven!!!!!!");
buildApiRequest('DELETE',
'/youtube/v3/subscriptions',
{'id': 'UCMtFAi84ehTSYSE9XoHefig'});
Stock Youtube API Code:
function executeRequest(request) {
request.execute(function(response) {
console.log(response);
});
}
function buildApiRequest(requestMethod, path, params, properties) {
params = removeEmptyParams(params);
var request;
if (properties) {
var resource = createResource(properties);
request = gapi.client.request({
'body': resource,
'method': requestMethod,
'path': path,
'params': params
});
} else {
request = gapi.client.request({
'method': requestMethod,
'path': path,
'params': params
});
}
executeRequest(request);
}
Here is the error:
{
"error": {
"errors": [
{
"domain": "youtube.subscription",
"reason": "subscriptionNotFound",
"message": "The subscription that you are trying to delete cannot be found. Check the value of the requests \u003ccode\u003eid\u003c/code\u003e parameter to ensure that it is correct."
}
],
"code": 404,
"message": "The subscription that you are trying to delete cannot be found. Check the value of the requests \u003ccode\u003eid\u003c/code\u003e parameter to ensure that it is correct."
}
}
Remember that the ID you have to send is not the channel ID. It's the ID of the subscriptions.
You can get it by sending request to check your subscriptions with the channel. For example
Request:
buildApiRequest('GET',
'/youtube/v3/subscriptions',
{'forChannelId': 'UCEhZglE9MQ4zTL5ErNXt5mg',
'mine': 'true',
'part': 'snippet,contentDetails'});
Response:
{
"kind": "youtube#subscription",
"etag": "\"XI7nbFXulYBIpL0ayR_gDh3eu1k/KrR9MNb4Xs1eNjWMxAH-f5ccsos\"",
"id": "Xmg72z6q83hK2hjx0J4ZwNVcgGz8fu9JCjeHu6eIb3M",
"snippet": {
"publishedAt": "2018-09-30T16:51:47.000Z",
"title": "Rebeca Willett",
"description": "",
"resourceId": {
"kind": "youtube#channel",
"channelId": "UCEhZglE9MQ4zTL5ErNXt5mg"
},
"channelId": "UCWfZYaoFrUOSoHNhCOOqKCQ",
"thumbnails": {
...
}
Using ID in the response to send request for unsubscribing:
buildApiRequest('DELETE',
'/youtube/v3/subscriptions',
{'id': 'Xmg72z6q83hK2hjx0J4ZwNVcgGz8fu9JCjeHu6eIb3M'});
Here is the google docs for getting subscriptions ID

Not getting private calendar events from Google

I want to import all events from Google calendar. In my code I will authenticate user first. Once user is sign in successfully then I will call below API using GET request.
https://www.googleapis.com/calendar/v3/calendars/my Email/events?key=my App Key&fields=items(id,start,summary,status,end)
I am getting response
{
"error": {
"errors": [
{
"domain": "global",
"reason": "notFound",
"message": "Not Found"
}
],
"code": 404,
"message": "Not Found"
}
}
Once I change my calendar as a public it will give all events details, but if calendar is mark as a private then it’s giving above response.
Any one having idea how to get events details from private calendar?
I think you may need add your access token to access your calendar information, if you use JavaScript library, you can take a look at these sample:
https://developers.google.com/api-client-library/javascript/features/authentication
I have implemented getCalendar using Angular JS + Ionic (using REST API)
https://developers.google.com/google-apps/calendar/v3/reference/
, but I am at work now, will send you later if you need it.
take a look at this example, you may understand how to attached yr request token to your request:
ionicExample.controller("DigitalOceanExample", function($scope, $http, $cordovaOauth) {
$scope.digitalOceanLogin = function() {
$cordovaOauth.digitalOcean("CLIENT_ID_HERE", "CLIENT_SECRET_HERE").then(function(result) {
window.localStorage.setItem("access_token", result.access_token);
}, function(error) {
console.log(error);
});
}
$scope.getDroplets = function() {
$http.defaults.headers.common.Authorization = "Bearer " + window.localStorage.getItem("access_token");
$http.get("https://api.digitalocean.com/v2/droplets")
.success(function(data) {
console.log(JSON.stringify(data.droplets));
})
.error(function(error) {
console.log(error);
});
}
});
I got the solution from this Google Developer console
LINK

Resources