azure-ad-graph-api

This question already has an answer here : Insufficent privileges when accessing azure graph api users list (1 answer) Closed 2 years ago . I have registered an AAD Application in my Tenant/Directory, and I want to call the Graph API in the App Only Context. (Using the Client Credential Flow) When making certain AAD Graph API calls, I get the error: "odata.error":{ "code":"Authorization_RequestDenied", "message":{ "lang":"en","value":"Insufficient privileges to complete the operation." } } I want to give this application full access to the Graph API in the context of my tenant. Or I want to

Is it possible to tell either in the XML file or through OfficeJs if the add-in can use the REST API or if it needs to use the older EWS API? We have an Outlook add-in that needs to support OWA/O365 and Outlook 2016 with a stand alone exchange server. We are wondering if it is possible through the manifest XML file or through OfficeJs to detect the configuration of users account so we can properly access their content with the correct API. The only alternative I can see is to provide two separate add-ins for this, but I assume MS has a solution to this issue. There isn't a specific API for

There is an existing question which already has an answer; however, the answer comes from a Microsoft developer and reads, "We are working to support the scenario you are requesting..." and goes on to provide a method which doesn't seem to answer my question. Original article: Using Microsoft graph to read all users calendars My question is, rather than subscribing to a single user's mailbox or calendar, is it possible to subscribe to all mailboxes or calendars? My application needs to listen to the create/update/delete events of calendar meetings and insert them into a SharePoint list. POST

I need to create an app registration with Azure AD using Azure SDK (or using rest api call, if it's not possible with SDK) normally you do it manually using portal: or calling Azure CLI command az ad app create How can I do it from SDK or REST service There are 2 possible ways to do this. You can pick what works based on your scenario. Microsoft Graph API Beta Endpoint Microsoft Graph API Beta endpoint and working with Application resource (as answered by Jean-Marc Prieur earlier too). POST https://graph.microsoft.com/beta/applications NOTE : This would work but caveat being it's a beta

I would like to authenticate against both Microsoft accounts and 'Work or School' accounts in a Azure multi-tenant environment. Each authentication type requires different requests. If I try to login as a Microsoft account against the 'work or school' request the login will fail at the Microsoft login and not return to my application. Is there a way to query if a given email address is a 'Work or School' account against the Microsoft graph API? If you use the REST api, it should automatically handle the two types of accounts. However, it is in preview and might have restrictions or issues.

I've set up a simple MVC Application using Azure Active Directory(AAD). I need to query the AAD Graph API in order to manage application roles and groups from my application. In the Startup class, I received the AccessToken like that: public void ConfigureAuth(IAppBuilder app) { AntiForgeryConfig.UniqueClaimTypeIdentifier = ClaimTypes.NameIdentifier; app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType); app.UseCookieAuthentication(new CookieAuthenticationOptions()); app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions { ClientId =

Removing an AppRole from an Application’s manifest produces a 400 Bad Request with the error Property value cannot be deleted unless it is disabled first. When I set the isEnabled property to false and then hit save, I get a successful saven with a 200 OK looking at the browsers developer tools: After reloading the Edit manifest screen the isEnabled property is still true and if you look at the PUT response in the browsers developer tools, it's coming back as true there too. How can I remove an appRole without having to delete and recreate the entire application? Update I've raised the

Is there a way to find each role that exists against a tenant and number of users which have been assigned against each role using GraphServiceClient or GraphConnection class? I am using C#. Directory Roles - Finding all directory roles and count of their members for tenant I have given sample code for both Microsoft Graph API ( https://graph.microsoft.com ) as well as Azure AD Graph API ( https://graph.windows.net ), but it would be strongly recommended to use newer Microsoft Graph API unless there is something specific that you aren't able to get from it and only then look at Azure AD Graph

I've the following auth code copied from the browser for a user who granted our app to use their Office 365 email. code=OAQABAAIAAADRNYRQ3dhRSrm-4K-adpCJ3J3UJ8GyC2qJDvNhlrUAObjph6sQ3A9waeQ5Tr-DA6WzxCdFbvadCRJw2S4a_lwA7MyelZWAPQZOlaB_X_1165CbmTXJMGioU6Cr0DhVTUzIlUv_-Svjp8DBrLVCxcDp5rJMM5mDNR0iGysuDIozWnOaPqCOl35NxPzyktrYK6D1MBptmXOPbhS-stTZXbHJr9gGE3FHzMU0XANXmTm30q4SPaoWPch-S1uFFL4xwS2oUv-lELBdcfIGh5UJBSraabGihVWUnbwBhh8eURSMRwryi7kubUcq0D27S-vIVZhtKopemQ1njAcExO58S7EgAyqbIzMxvmBXBe0X1ieVrcyHYRpt4ZAq1Z4v5HLTrYhx5fGp6AkqhV09yri3bqXaZvw5R1hKuhAbRDt_isZn