Azure Graph API 403 Error using Java tutorial

1
votes

I’ve been working through a doc at:

https://docs.microsoft.com/en-us/azure/active-directory/active-directory-devquickstarts-webapp-java

But when I run the project, I’m redirected to the ADFS login page and after authentication im receiving this error:

java.io.IOException: Server returned HTTP response code: 403 for URL: https://graph.windows.net/swisherint.onmicrosoft.com/users?api-version=2013-04-05

I get this error when I run from local host. I also deployed the sample app to Azure and getting the same error.

I've added permissions to Graph API with read directory permissions in active directory > App Registrations > Required permissions. I also added Windows Azure Active Directory permissions (sign in and read user profile)

Is this a common error? Am I using the wrong version of the Graph API? I've tried several solutions from other questions but not working.

2
javaazuregraph

2 Answers

1
votes

It appears that the Azure Graph API requires the URI connection type, instead of the HttpUrlConnection the java tutorial used. This works without the 403 error: 

       try{
        // OAuth2 is required to access this API. For more information visit:
        // https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks

        // Specify values for path parameters (shown as {...})
        URIBuilder builder = new URIBuilder("https://graph.windows.net/swisherint.onmicrosoft.com/users");
        // Specify values for the following required parameters
        builder.setParameter("api-version", "1.6");
        // Specify values for optional parameters, as needed
        // builder.setParameter("$filter", "startswith(displayName,'A')");
        URI uri = builder.build();
        HttpGet request = new HttpGet(uri);
        HttpResponse response = httpclient.execute(request);
        HttpEntity entity = response.getEntity();
        if (entity != null) {
            System.out.println(EntityUtils.toString(entity));
        }

        users =  EntityUtils.toString(entity);
    }
    catch (Exception e)
    {
        System.out.println(e.getMessage());
    }

Thanks for responding!

KB

0
votes

According to the new offical document reference for AAD Graph API Get Users, it seems the api-version property in the code should be changed to 1.6. Please try it.

Meanwhile, there is an Error code reference list that you can find the description of the common error code 403 for AAD Graph API calling. And be checking whether your issue is belong to the one of the errors Authentication_Unauthorized, Authorization_RequestDenied & Directory_QuotaExceeded.

Any update, please feel free to let me know.