I have a very basic azure function:
#r "Newtonsoft.Json"
using System.Net;
using System.Net.Http;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Primitives;
using Newtonsoft.Json;
public static async Task<IActionResult> Run(HttpRequest req, string authToken, ILogger log)
{
string msgId = req.Query["messageId"];
string requestBody = await new StreamReader(req.Body).ReadToEndAsync();
dynamic data = JsonConvert.DeserializeObject(requestBody);
msgId = msgId ?? data?.messageId;
if (string.IsNullOrEmpty(msgId))
return new BadRequestObjectResult("Please pass a messageId on the query string or in the request body");
// access me via graph
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Add("Authorization", "Bearer " + authToken);
var response = await client.GetAsync("https://graph.microsoft.com/v1.0/users/*****/mailFolders/inbox/messages/" + msgId);
string retResp = await response.Content.ReadAsStringAsync();
log.LogInformation(retResp);
}
return new OkObjectResult(msgId);
}
The Auth token is provided by the azure function Auth token binding:
However i always get the following answer from Microsoft graph:
{
"error": {
"code": "Authorization_RequestDenied",
"message": "Insufficient privileges to complete the operation.",
"innerError": {
"request-id": "24a1e799-2f9f-4452-8d46-20d4e3db160d",
"date": "2019-01-02T07:39:15"
}
}
}
And yes: The admin consented and i even tried to give all available permissions to the app and consented, but i still get the same message. Do you have any idea how i can validate the token or get more Information?