Microsoft Graph SharePoint access items (read/write) - microsoft-graph-api

I am attempting to create a new list item in SharePoint Online using the [beta] Microsoft Graph endpoint. The goal is to call Microsoft Graph from an Outlook Add-in but the problem persists on Postman.
When I call the endpoint as per the documentation I get the following error message:
{
"error": {
"code": "unauthenticated",
"message": "The caller is not authenticated.",
"innerError": {
"request-id": "bb094f39-71c9-4c7d-9d9b-913cc9622baf",
"date": "2017-08-08T11:32:02"
}
}
}
I'm using ADAL JS to fetch the authentication token and I initialized my AuthenticationContext with my tenantID. My app has the following permissions: offline_access, Sites.Read.All, Sites.ReadWrite.All, User.Read
2nd Edit - more details on readItem
I use the https://graph.microsoft.com/beta/sites/{site-id}/lists/{list-id}/items endpoint with the {site-id} of my desired site from /sites and the {list-id} of the list from /sites/{site-id}/lists but this is the empty response I get:
{
"#odata.context": "https://graph.microsoft.com/...",
"value": []
}
If I try to to add /{item-id} to my original call to access specific item I receive this response:
{
"error": {
"code": "itemNotFound",
"message": "The specified list was not found",
"innerError": {
"request-id": "6e7ccae3-3aee-4dbb-ae3e-de61250478e0",
"date": "2017-08-09T13:13:33"
}
}
}
Which doesn't make sense because I can retrieve valid information about the list if i make the call without /items/..
Any and all input appreciated :) I'll gladly provide more code, this is all I deemed relevant and didn't want to overcrowd the post.

might be that you actually don't have an item with that id, since https://graph.microsoft.com/beta/sites/{site-id}/lists/{list-id}/items/1 works for me.
test the id's you really have by just https://graph.microsoft.com/beta/sites/{site-id}/lists/{list-id}/items and each item returns it's id.

Related

Teams Export API not allowing me to filter by channel

I'm trying to use the Teams Export API to export a single Teams channel. I have my permissions set up properly; if I make a request to
https://graph.microsoft.com/v1.0/teams/{TEAM_ID}/channels/getAllMessages (without specifying a filter), I get the paginated results of all of the channel messages on my team. If I copy the sample datetime filters in that documentation, I also get a successful response with the appropriate results.
A successful response gives me a list of messages. Each one shows a channelIdentity field, which contains a channelId (fields removed for readability):
{
"value": [
{
"channelIdentity": {
"teamId": "{TEAM ID}",
"channelId": "{CHANNEL ID}"
},
},
]
}
What I want is to use this channelIdentity/channelId field as a filter on the results, so that I can export just the messages from a single channel.
If I run GET https://graph.microsoft.com/v1.0/teams/{TEAM_ID}/channels/getAllMessages?$filter=channelIdentity/channelId eq '{CHANNEL ID}', I get an error:
{
"error": {
"code": "BadRequest",
"message": "The entity property 'channelIdentity/channelId' and operationKind 'Equal' is not allowed in $filter query.",
"innerError": {
"date": "2022-11-16T23:47:06",
"request-id": "...",
"client-request-id": "..."
}
}
}
This reads to me like I'm not allowed to use eq with this ID. If I try a 'starts with', I get a different error:
GET https://graph.microsoft.com/v1.0/teams/{TEAM_ID}/channels/getAllMessages?$filter=startswith(channelIdentity/teamId, '{CHANNEL ID}')
{
"error": {
"code": "BadRequest",
"message": "Only binary operation expressions are allowed.",
"innerError": {
"date": "2022-11-17T00:11:26",
"request-id": "...",
"client-request-id": "..."
}
}
}
I'm unclear on what this is trying to say - either the ID starts with that phrase or it doesn't; it seems like a binary expression to me.
Is there some other approach I should use to get these results filtered by channel ID?
This API is designed to export everything from a team for backup/archival scenario. So, filtering by a specific channel is not supported now.
If you wish you may suggest this feature on Microsoft Feedback portal.
Any reason why you don't use List Channel Messages?
You can then make a GET call against this URL:
"https://graph.microsoft.com/v1.0/teams/{teamid}/channels/{channel id}/messages"
Note - as per that link you will need to Request access:
https://learn.microsoft.com/en-us/graph/teams-protected-apis
One other method, if you are using Graph Explorer, is add the signed-in user to the team as an owner, and it will let you test this method, you just won't be able to call via an App Registration until you do fill out that form.

Getting Unknown error while accessing MS Graph API

I'm trying to get the chat messages from MS team channel using API.
https://graph.microsoft.com/v1.0/teams/{team-id}/channels/{channel-id}/messages
It works in graph explorer and returns the list of all chat messages. But when I hit the same API within Postman it return the following error:
I have consented all the required permission in azure app. What else am I missing here. Has anyone faced similar issues?
Please let me know.
{
"error": {
"code": "UnknownError",
"message": "",
"innerError": {
"date": "2021-04-20T04:01:46",
"request-id": "e32d3a2e-001c-4478-8c9c-8d5ff0c5e125",
"client-request-id": "e32d3a2e-001c-4478-8c9c-8d5ff0c5e125"
}
}
}
list channel messages is under protected API in MS teams. Before calling this API with application permissions, you must request access. To get the access you have to apply request access form

microsoft-graph api users endpoint with filter provides NextLink Token Expired

Removing my code as part of the equation, I was able to reproduce this through the Microsoft Graph API Explorer.
First, I Do a GET https://graph.microsoft.com/v1.0/users?$filter=assignedLicenses%2fany(d%3ad%2fskuid+eq+ --actualySKUIDHere--)
I get results back like
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#users",
"#odata.nextLink": "https://graph.microsoft.com/v1.0/users?$filter=assignedLicenses%2fany(d%3ad%2fskuid+eq+
--actualSKUIDHere-- )&$skiptoken=X%27 --actualtokenhere-- %27",
"value": [
{
I copy paste the nextLink into the API Explorer
ie.
https://graph.microsoft.com/v1.0/users?$filter=assignedLicenses%2fany(d%3ad%2fskuid+eq+ --actualSKUIDHere-- )&$skiptoken=X%27 --actualtokenhere-- %27
and it works with good results like above, but the next skipToken is shorter and copy & pasting it will result in the following
{
"error": {
"code": "Directory_ExpiredPageToken",
"message": "The specified page token value has expired and can no longer be included in your request.",
"innerError": {
"request-id": "4cce84ea-83c5-403a-98d2-5ad5c948fcdc",
"date": "2020-02-03T21:04:43"
}
} }
I'm assuming this is a bug but wanted to post to see if anyone else has experienced this and has a resolution
This was a temporary service issue which has been fixed since. You should not try to parse/modify the next link in your application, simply use it as provided by the service.

Unable to delete AppRoleAssignment using Beta Graph API

I'm using the Graph API beta endpoint to try and delete an AppRoleAssigmnet:
https://graph.microsoft.com/beta/appRoleAssignments/I9pzftcx_06aCwX8sV9cmziqx-oiF21IlkxV9xRYvBM
I am using the DELETE verb and below is the response I get back:
109
{
"error": {
"code": "Request_UnsupportedQuery",
"message": "Direct queries to this resource type are not supported.",
"innerError": {
"request-id": "aa7c14a3-f700-4368-898e-009f1608ade1",
"date": "2019-04-30T00:29:50"
}
}
}
0
According to the beta documentation, this is allowed:
https://learn.microsoft.com/en-us/graph/api/approleassignment-delete?view=graph-rest-beta
I also verified the correct permissions according to the documentation as well.
I know this is a beta endpoint but any chance this will be fixed soon or do I need to use the Azure AD API instead?
UPDATE
I tried going through the users collection and it also fails:
https://graph.microsoft.com/beta/users/7e73da23-31d7-4eff-9a0b-05fcb15f5c9b/appRoleAssignments/I9pzftcx_06aCwX8sV9cmziqx-oiF21IlkxV9xRYvBM
I am using the DELETE verb and below is the response I get back:
fb
{
"error": {
"code": "BadRequest",
"message": "Write requests are only supported on contained entities",
"innerError": {
"request-id": "b6db0eee-dc45-4e10-a56c-9a870fb7315c",
"date": "2019-04-30T23:49:24"
}
}
}
0
I tried going through the service principal collection and it also fails:
https://graph.microsoft.com/beta/servicePrincipals/27e0a182-2008-4b4e-b998-731e0d111041/appRoleAssignments/I9pzftcx_06aCwX8sV9cmziqx-oiF21IlkxV9xRYvBM
I am using the DELETE verb and below is the response I get back:
18b
{
"error": {
"code": "BadRequest",
"message": "The type 'microsoft.graph.appRoleAssignment' does not inherit from and is not a base type of 'microsoft.graph.directoryObject'. The type of 'KeySegments' must be related to the Type of the EntitySet.",
"innerError": {
"request-id": "8c981e82-755e-4c25-b448-58d2b71e12c7",
"date": "2019-04-30T23:46:20"
}
}
}
0
I'm afraid this service bug has existed for a very long time. The only thing I can say is to try this with AAD Graph until this is fixed in Microsoft Graph. The schema unfortunately models appRoleAssignments as a standard relationship, whereas in fact it is implemented as a contained entity (i.e. you can only operate on the app role assignment when it is contained as part of another entity - like users, groups or servicePrincipals). The schema definition needs to be updated. The documentation is accurate IMHO.
Hope this helps

Internal Server Error when Deleting Event from Group Calendar

I am primarily using the .net Microsoft graph client. I can create and change a group calendar's events with the API, but cannot delete them.
I know that my GraphServiceClient has a good user context token.
My code is
await client.Groups[GroupId.ToString()].Events[DeadlineId].Request().DeleteAsync();
I have also tried using an HTTP client "Delete" event to https://graph.microsoft.com/v1.0/groups/{GroupId}/events/{EventId}
The response I get is:
Error Received:
{
"error": {
"code": "ErrorInternalServerError",
"message": "[0x30140102] BodyTag",
"innerError": {
"request-id": "2ab3ad41-b6e2-47d1-88cc-ef3a3640d153",
"date": "2017-06-29T04:08:38"
}
}
}
Am I doing something wrong or is there a problem on Microsoft's end?

Resources