Microsoft Graph API Logic App Authentication

Question

I am having a difficult time getting a Microsoft Graph API call to work. Specifically, I am having a hard time with the authentication process working. I followed the directions in this article

http://martink.me/articles/using-microsoft-graph-in-logic-apps

However, when I make the api call of https://graph.microsoft.com/v1.0/me/messages/{id}, I get the error:

Current authenticated context is not valid for this request. This occurs when a request is made to an endpoint that requires user sign-in. For example, /me requires a signed-in user. Acquire a token on behalf of a user to make requests to these endpoints. Use the OAuth 2.0 authorization code flow for mobile and native apps and the OAuth 2.0 implicit flow for single-page web apps.

I then added an oAuth token call to get a token. Then I used that token in the Authorization header when making the Microsoft Graph Api call. I still get the same error.

Can anyone provide guidance on how best to make an Graph Api call in LogicApps? Do I only need the authentication discussed in the article? Or, do I need to call the Graph Api with an Authorization token? Do I need to make an oAuth authorization call before I make the oAuth token call?

Answer 1

This exception is caused by the token acquired using the client credentials flow. In this flow, there is no context for /Me.

This type of grant is commonly used for server-to-server interactions that must run in the background, without immediate interaction with a user(no user logged in).

For your problem, you are using client credential flow and you are granting application permissions, so you should request /users.

 GET   https://graph.microsoft.com/v1.0/users/{id | userPrincipalName}/messages/{id}