Not able to get mails from Microsoft Graph API

Question

I am trying to get mails from my outlook account using the Graph API. I am using my organisations outlook account from which I have configured my application.

I am successfully able to get auth2 token from api https://login.microsoftonline.com/common/oauth2/v2.0/token but while querying api, I am getting the below error

{
    "error": {
        "code": "BadRequest",
        "message": "Current authenticated context is not valid for this request. This occurs when a request is made to an endpoint that requires user sign-in. For example, /me requires a signed-in user.  Acquire a token on behalf of a user to make requests to these endpoints.  Use the OAuth 2.0 authorization code flow for mobile and native apps and the OAuth 2.0 implicit flow for single-page web apps.",
        "innerError": {
            "request-id": "807ce785-38b6-4fbb-b670-6419768b08c3",
            "date": "2019-06-21T11:59:26"
        }
    }
}

The API I used was https://graph.microsoft.com/v1.0/me/messages and the headers I have used are:

X-AnchorMailbox:{{my_email}}
Accept:application/json
Authorization:Bearer {{token}}

The application I am using is postman for querying api.

Answer 1

It looks like the token you've obtained literally has no signed-in user context as the error message says. You probably use OAuth2 client credentials flow to get a token, while for calling /me methods you need to use implicit grant flow, which will redirect user to login.microsoftonline.com to sign in and then use the obtained (through delegated permissions) token to call Graph.

So you basically have two options:

1. Use delegated permissions, implicit grant flow (user signs in interactively) and https://graph.microsoft.com/v1.0/me/messages
2. Use application permissions, client credentials grant flow (no user sign-in required) and https://graph.microsoft.com/v1.0/users/{userPrincipalName}/messages