Reputation: 1
Forbidden error when calling Microsoft Graph from Java Application using Application ID
List SCOPES = Arrays.asList("https://graph.microsoft.com/.default"); final ClientSecretCredential credential = new ClientSecretCredentialBuilder() .clientId(applicationId) .clientSecret(secret) .tenantId(tenantId) .build(); final TokenCredentialAuthProvider authProvider_new = new TokenCredentialAuthProvider(SCOPES, credential);
GraphServiceClient graphClient = GraphServiceClient
.builder()
.authenticationProvider(authProvider)
.buildClient();
graphClient.users().buildRequest().get();
With
compile group: 'com.microsoft.azure', name: 'azure-spring-boot', version: '2.3.5'
compile group: 'com.google.guava', name: 'guava', version: '28.2-jre'
compile group: 'com.azure', name: 'azure-identity', version: '1.2.5'
compile group: 'com.microsoft.graph', name: 'microsoft-graph', version: '3.5.0'
I've added all the necessary permissions to the application, and it's been consented in Active Directory, but same response.
It works using this code, after I sign in with a user account: final DeviceCodeCredential credential1 = new DeviceCodeCredentialBuilder() .clientId(applicationId) .challengeConsumer(challenge -> System.out.println(challenge.getMessage())) .build();
But I want to use ClientSecretCredential and use the client secret, not create a challenge.
Update: The error message I get is
SEVERE: Throwable detail: com.microsoft.graph.http.GraphServiceException: Error code: Authorization_RequestDenied
Error message: Insufficient privileges to complete the operation.
GET https://graph.microsoft.com/v1.0/users
SdkVersion : graph-java/v3.5.0
403 : Forbidden
Here's a link of the permissions the app has in API Permissions
I also have the following permissions to Azure Rights Management Services in case it helps Application.Read.All, Content.DelegatedReader, Content.SuperUser
Upvotes: 0
Views: 784
Answers (1)
Reputation: 1823
Based on your granted permission you missed the User.ReadWrite and User.ReadWrite.All Please add that permission .
For more details refer this document:
Upvotes: 1
Related Questions
- Unable to list graph permissions granted to the application from Java
- 403 Error when making API call to Microsoft Graph with proper permissions
- Microsoft Graph SDK for Java - InvalidAuthenticationToken error 80049217
- Java requests to Microsoft Graph API perform ok but return 500
- Microsoft Oauth2 403 Forbidden
- Microsoft Graph 401 Unauthorized with access token
- Azure AD Graph api returns Forbidden
- Graph API Access denied error
- Getting error "Unable to check Directory Read access for appId" when trying to access Graph REST API programmatically from a .net application
- Microsoft Graph API beta endpoint gives 401 Unauthorized