I cant access endpoints in Microsoft graph.
I will be uploading a file to a users one drive when I have the communication set up but for now I am just trying to get a list of items in a drive.
This is the response I get from https://graph.microsoft.com/v1.0/drives/{{drive_id}}/root/children
{
"error": {
"code": "AccessDenied",
"message": "Either scp or roles claim need to be present in the token.",
"innerError": {
"request-id": "123",
"date": "2020-01-09T11:43:20"
}
}
}
I retrieved the drive_id by using graph explorer on endpoint https://graph.microsoft.com/v1.0/me/ on the signed in user.
It should be noted that I can use this endpoint https://graph.microsoft.com/v1.0/subscriptions So I must be doing something right with the access token.
I followed this tutorial to get the access token using the client credential flow.
and this is the code I use to get the access token
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/x-www-
form-urlencoded"));
var req = new HttpRequestMessage(HttpMethod.Post, $"https://login.microsoftonline.com/<tenant>/oauth2/token");
req.Content = new FormUrlEncodedContent(new Dictionary<string, string>
{
{"grant_type", "client_credentials"},
{"client_id", "123"},
{"client_secret", "123"},
{"resource", "https://graph.microsoft.com"}
});
When I decode the JWT I do not see any scopes in the token but if I understand correctly header should get the scopes that have been permitted by admin.
An admin has already granted my app these permissions for graph explorer: (Although I do not have the delegate permissions, does that matter?)
Filse.Read,
Files.ReadWriteAll,
Sites.ReadWtiteAll,
User.Read
I am using this collection in postman to test.
Thanks in advance any advice is appreciated.
