I´m trying to call MS Graph API to get the Photo from a Group using Application permissions, but I´m getting an "Access is denied. Check credentials and try again."
According to this link:
https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/profilephoto_get
App permissions are supported:
For user resource: User.Read.All, User.ReadWrite.All
For group resource: Group.Read.All, Group.ReadWrite.All
I´m getting an App token, and I can see those permissions:
"roles": [
"User.ReadWrite.All",
"Group.Read.All",
"Group.ReadWrite.All",
"Directory.Read.All",
"User.Read.All" ]
Seems a bug in the Photo endpoint for Groups, as curiously, I can get any User photo using same App token. None of the Photo endpoints works for Groups:
/groups/{id}/photo
/groups/{id}/photo/$value
/groups/{id}/photos
Am I missing something? is there any other permission required (not documented).
In case anyone from MS product team can take a look, here is one of the error Ids:
{
"error": {
"code": "ErrorAccessDenied",
"message": "Access is denied. Check credentials and try again.",
"innerError": {
"request-id": "ac884427-69ee-407e-b198-06bd6af5f4be",
"date": "2018-10-30T13:12:19"
}
}
}
Thanks!
