Home > OS >  Accessing Graph API in Multi-tenanted function app
Accessing Graph API in Multi-tenanted function app

Time:01-11

I am trying to build a Function App that connects to the Graph API and reads the available emails. I am able to retrieve emails from one tenant which has the email permissions listed in 'API Permissions' with the name of the specific tenant. However, when I sign in using another tenancy the consent screen where Permission is requested is empty. And if I try to perform a request to pull emails I get a Authorization_RequestDenied "Insufficient privileges to complete the operation." error. Is there something I am missing or am I not able to retrieve emails from another tenancy like this?

CodePudding user response:

Most likely your scope parameter when authenticating does not include the permission you specified. Statically defined permissions (the ones defined in portal) are used if you use the special ".default" scope. So instead of e.g. "User.Read" as scope, you can use:

https://graph.microsoft.com/.default

Documentation for .default scope: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#the-default-scope

Page link:https//www.codepudding.com/os/258694.html

Prev:python datetime with 6 digit milliseconds
Next:Error : Get-AzRoleassignement : Cannot find principal using the specified options
  •  Tags:  
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding