CODEWITHSUNDEEP
javascriptionic-frameworkionic2microsoft-graph-api
kierandes
kierandes

Reputation: 181

Access Token error - Graph API getting user profile

I'm using Microsoft graph API to get to login and get a users profile. I have the accessToken. Though I'm trying to get the profile of the user that I got the AccessToken with.

This is my code, am I missing anything here? Just need the users profile. Note: I'm using Cors anywhere through a proxy server, which has worked for getting the code and accessToken.

Thanks for your help!

I've tried adding the resource URL. I've tried changing the headers (you don't need body parameters for GET and DEL requests).

let auth =
  "http://localhost:8080/https://graph.microsoft.com/v1.0/me?access_token=";
let client_id = "?client_id=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
let redirect_uri = "&redirect_uri=http://localhost:8100/";
let response = "&response_type=code";
let resource = "&resource=https://graph.microsoft.com";
let scope =
  "&scope=openid+https://outlook.office.com/Contacts.read+offline_access";

let url =
  auth + token + resource + client_id + redirect_uri;

//let url = 'http://localhost:8080/https://graph.microsoft.com/v1.0/me?access_token=' + token +"&resource=https://graph.microsoft.com";
this.http.get(url, {
  headers: {
    Authorization: "Bearer " + token,
    "Content-Type": "application/x-www-form-urlencoded",
    "Access-Control-Allow-Origin": "*",
    resource: "https://graph.microsoft.com"
  }
});

Expected: to take the AccessToken and get a user's profile like in Part 4 here.

Upvotes: 0

Views: 697

Answers (1)

Marc LaFleur
Marc LaFleur

Reputation: 33094

You've got a number of things going on here.

  1. You're specifying both scope and resource properties. These don't belong together. If you're using the v1 Endpoint then you should be using resource, if you're using the v2 Endpoint then you should be using scope. See Scopes, Not Resources in the documentation.

  2. Your url is not correct. The actual URL should look like this for v1:

    https://login.microsoftonline.com/common/oauth2/authorize?client_id={id}&scope=https%3A%2F%2Fgraph.microsoft.com&redirect_uri={uri}&response_type=code

    or for v2, like this:

    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={id}&scope=openid+user.read+contacts.read+offline_access&redirect_uri={uri}&response_type=code

  3. Can't use http.get() for this. OAuth's Authorization Code grant starts by redirecting the user to this URL. It will then return the code you then POST back to the /token endpoint to retrieve the access_token and refresh_token.

  4. You need the User.Read scope to retrieve a user's profile (or User.ReadBasic.All to retrieve other user's profiles).

I would recommend using the v2 Endpoint and starting here:

Upvotes: 1

Related Questions