1
votes

I have made a web app that uses Microsoft Graph and the scopes profile, openid, email and User.Read. This works fine.

I now want to include offline_access, User.Read, Mail.Send, Calendars.ReadWrite, Directory.ReadWrite.All, Directory.AccessAsUser.All, User.Read.All, Files.ReadWrite.All, Files.Read, Files.ReadWrite, and Sites.Read.All scopes.

When trying to login I get the message:

You can't access this application.

Tutorial Sample App needs permission to access resources in your organisation that only an admin can grant. Please ask an admin to grant permission to this app before you can use it.

I registered the app at https://apps.dev.microsoft.com/ and have these Graph Permissions set:

[screenshot: Graph Permissions list from the app registration portal]

Using PHP, I use the following

<?php
use Microsoft\Graph\Graph;
use Microsoft\Graph\Model;

// App registration values (redacted)
const CLIENT_ID          = 'xxx';
const CLIENT_SECRET      = 'xxx';
const REDIRECT_URI       = 'xxxx';
// v2.0 endpoint; 'common' lets users from any tenant sign in
const AUTHORITY_URL      = 'https://login.microsoftonline.com/common';
const AUTHORIZE_ENDPOINT = '/oauth2/v2.0/authorize';
const TOKEN_ENDPOINT     = '/oauth2/v2.0/token';
// Space-separated scopes requested at sign-in
const SCOPES             = 'profile openid email offline_access User.Read Mail.Send Calendars.ReadWrite Directory.ReadWrite.All Directory.AccessAsUser.All User.Read.All Files.ReadWrite.All Files.Read Files.ReadWrite Sites.Read.All';

and to create the authorisationUrl

$authorizationUrl = $provider->getAuthorizationUrl();

So, how can I get admin to grant access?


1 Answers

2
votes

In order to obtain Admin Consent, you need to have an Admin for the tenant authenticate against the /adminconsent endpoint. The prototype for this URL is (line-break for readability only):

https://login.microsoftonline.com/common/adminconsent?
client_id=[APPLICATION ID]&redirect_uri=[REDIRECT URI]

I've written a blog post on this that will help walk you through how this works: v2 Endpoint and Admin Consent.
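The admin consent flow the answer describes, as an added PHP example that is not part of the question or the answer: it builds the /adminconsent URL with a `state` value bound to the admin's session, then validates what Azure AD sends back to the redirect URI (`admin_consent=True` and `tenant` on success, `error` and `error_description` on failure). The client id, redirect URI and function names are placeholders and assumptions, not values from the page.

```php
<?php
// Added example, not code from the question, the answer or the Microsoft Graph SDK.
// CLIENT_ID and REDIRECT_URI are placeholders; REDIRECT_URI must be one of the
// redirect URIs registered for the application.
const CLIENT_ID    = '00000000-0000-0000-0000-000000000000';
const REDIRECT_URI = 'https://example.com/auth/adminconsent-callback';

/**
 * Build the v2 admin consent URL. $state is an unguessable value kept in the
 * admin's session so that the callback can be tied to this request. $tenant is
 * 'common' unless the tenant id is already known.
 */
function buildAdminConsentUrl(string $state, string $tenant = 'common'): string
{
    $query = http_build_query([
        'client_id'    => CLIENT_ID,
        'redirect_uri' => REDIRECT_URI,
        'state'        => $state,
    ]);
    return 'https://login.microsoftonline.com/' . rawurlencode($tenant) . '/adminconsent?' . $query;
}

/**
 * Validate the query string Azure AD sends back to REDIRECT_URI after the
 * admin accepts or declines. The state must match the session value before
 * anything else is trusted. Returns the consenting tenant id or throws.
 */
function handleAdminConsentCallback(array $query, string $expectedState): string
{
    if ($expectedState === '' || !isset($query['state'])
        || !hash_equals($expectedState, (string) $query['state'])) {
        throw new RuntimeException('state mismatch: callback does not belong to this consent request');
    }
    if (isset($query['error'])) {
        throw new RuntimeException('admin consent failed: ' . ($query['error_description'] ?? $query['error']));
    }
    if (($query['admin_consent'] ?? '') !== 'True' || empty($query['tenant'])) {
        throw new RuntimeException('admin consent callback missing admin_consent=True or tenant');
    }
    return (string) $query['tenant'];
}

// Usage: the same script serves as the "ask an admin to consent" page and as the callback.
session_start();
if (!isset($_GET['admin_consent']) && !isset($_GET['error'])) {
    // First visit: create the state, store it server-side and send the admin to Azure AD.
    $_SESSION['admin_consent_state'] = bin2hex(random_bytes(16));
    header('Location: ' . buildAdminConsentUrl($_SESSION['admin_consent_state']));
    exit;
}
// Callback: verify the result, then discard the one-time state.
try {
    $tenant = handleAdminConsentCallback($_GET, $_SESSION['admin_consent_state'] ?? '');
    unset($_SESSION['admin_consent_state']);
    echo 'Admin consent granted for tenant ' . htmlspecialchars($tenant);
} catch (RuntimeException $e) {
    http_response_code(400);
    echo htmlspecialchars($e->getMessage());
}
```

Once consent has been granted for a tenant, the ordinary sign-in from the question (the `getAuthorizationUrl()` call with the full scope list) succeeds for users of that tenant, because the admin-only permissions are now granted for the whole organisation rather than prompted per user.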