Reputation: 19
Client Credentials access token not working office 365
I am using client credentials flow to generate an access token. Following is the request.
I received the access token and I am using to call Web API like
https://graph.microsoft.com/v1.0/me/mailfolders/inbox/messages
Following is the screenshot
Calling Web API gives InvalidAuthenticationToken Error.
Any workaround on this.?
Upvotes: 1
Views: 469
Answers (1)
Reputation: 33094
You're resource should be set to https://graph.microsoft.com.
In your screenshot, theresource is set to https://outlook.office.com but you're calling a Microsoft Graph. Since you're providing an access_token for a different resource, Microsoft Graph is rejecting it.
You also need to make sure you've requested the proper Microsoft Graph permissions in the Azure Portal. To call /mailFolders/inbox/messages for example, you need request permission for either Mail.Read or Mail.ReadWrite.
Finally, you cannot use /me with the Client Credentials grant. The /me is simply shorthand for /users/{current-user-id}/. Since Client Credentials does not have a current user, the API has no idea which user me is. You will need to reference a specific user entity in the path:
/v1.0/users/{userPrincipalName}/mailfolders/inbox/messages
Upvotes: 1
Related Questions
- Microsoft graph return "access token is empty"
- Access Token missing or malformed when calling Graph API
- AAD microsoft graph, client credentials
- Microsoft Graph client error : Authentication challenge is required
- Microsoft Azure OAuth ID Token In Client Credentials Grant
- Unable to get access token from Azure AD when using Microsoft Graph Explorer
- Not able to get access_token for Microsoft Graph API OAuth 2.0 using username & password
- Graph API Client token authentication issue
- MS Graph API: invalid authentication token
- Trouble with authorization using client_credentials Azure AD Graph API