CODEWITHSUNDEEP
phpoutlookmicrosoft-graph-apiemail-attachments
MalcolmInTheCenter
MalcolmInTheCenter

Reputation: 1605

What permissions do I need to get a message from Microsoft Graph API?

I'm retrieving Outlook email attachments using msgraph-sdk-php and noticed that some emails have a .eml attachments. When I get the email attachment by calling /users/{user_id}/messages/{message_id}/attachments' I noticed that the response doesn't contain contentBytes key.
for example:

[
  {
    "@odata.type": "#microsoft.graph.itemAttachment",
    "id": "AAMkADlkMmfGrEBKuveYeL8nxW0=",
    "lastModifiedDateTime": "2023-08-02T17:12:04Z",
    "name": "single.eml",
    "contentType": "message/rfc822",
    "size": 23811,
    "isInline": false
  }
]

Non .eml attachments do contain the contentBytes.

So i'm trying this endpoint me/messages/<Message-Id>/$value which I got from this post

$cid = (new Graph())->setAccessToken($accessToken)
    ->createCollectionRequest("GET",
        '/users/' . $userId . 'messages/' . $outlook_email->getId() . '/$value')
    ->setReturnType(\Microsoft\Graph\Model\Message::class)
    ->execute();

but I get this error

Client error: `GET https:\/\/graph.microsoft.com\/v1.0\/users\/636cb59d65489cmessages\/AAMkADlkMmIwZ_50gsmT9V9pNAAA=\/$value` resulted in a `403 Forbidden` response:\n{\"error\":{\"code\":\"Authorization_RequestDenied\",\"message\":\"Insufficient privileges to complete the operation.\",\"innerError\":{\"date\":\"2023-08-02T22:16:55\",\"request-id\":\"d3bcdef3-2c0d08121b5f\",\"client-request-id\":\"d3bcdef308121b5f\"}}}\n

I've search through Microsofts documentation but I can't figure out which permission to set so I can execute that call.

Which permission do I need? Or is there a different way for me to get the .eml attachment content?

Upvotes: 1

Views: 354

Answers (1)

Glen Scales
Glen Scales

Reputation: 22032

To get the attached message you have to use

/users/{user_id}/messages/{message_id}/attachments/{attachment_id}/$value'

this is documented in https://learn.microsoft.com/en-us/graph/api/attachment-get?view=graph-rest-1.0&tabs=http

If you can get file attachments on other messages then your permissions should be okay. The exception maybe if you only had Mail.ReadBasic permissions but Mail.Read either delegate or application should be okay. But if you where trying to use the MessageId from the attachment in me/messages//$value that would give you an error.

Upvotes: 0

Related Questions