stackoom
  简体   繁体   中英

Django with Microsoft API 365 - Service Discovery error

 原文  2015-06-30 14:38:34       python/ django/ azure/ office365

Question

I'm trying to make a Django application that can autheticate users with Microsoft 365 accounts, and I found this project on Github: https://github.com/jasonjoh/pythoncontacts

I followed the documentation and I get to the point where I'm prompted to the Microsoft account log-in page, where I give consent to the Azure AD app.

After reading the code, I understand that the Django app is trying to get the services available at: https://api.office.com/discovery/v1.0/me/services

The problem is that the link is giving me this error: 

{"error":{"code":"-2147024891, System.UnauthorizedAccessException","message":"Access denied. You do not have permission to perform this action or access this resource."}}

I don't know if this problem is due to the Azure AD app permissions or due to the code.

Is my understanding that the Django app is asking the Azure AD Authorization Endpoint to log-in. This endpoint is returning the Sign-in window, and after the authentication I get the authorization code. With it, I should redeem the authorization code and acquire an access token at the Azure AD Token Endpoint, to be able to call the Office 365 API with it.

This are the permissions my app has in Azure AD ------------

3 answers

solution1
 1 ACCPTED  2015-06-30 15:56:03

You need to add in the Permissions to other applications the following: "Office 365 Exchange Online".

If you don't see it, make sure you have a paid subscription in Azure and in Office 365. If you have only a subscription in Azure, you will see the "Default Directory" that won't show you the application named above.

Hope it helps :)

solution2
 0  2015-06-30 17:10:23

rGonzalez is correct. The code sample uses the Office 365 APIs that are in production before Office 365 Unified API was announced (in public preview). You have 2 options: - Option #1 (recommended): Use Office 365 Unified APIs. You will need to modify your app to skip the step to call Discovery APIs, and instead call the endpoint https://graph.microsoft.com/beta . See here for API docs. - Option #2: Get an Exchange subscription for your Office 365 tenant, so you see Office 365 Exchange Online listed as an option in your app registration page, and select "Read and write user calendars", "Send mail as a user", and "Read and write user mail" as permissions for your app.

Also, in the screenshot you attached, you don't "Read user calendars" and "Read user mail" permissions for your app, as they are already included in "Have full access to user calendars" and "Read and write access to user mail" permissions respectively.

solution3
 0  2015-06-30 17:11:05

To access the discovery service you need to get a token with resource= https://api.office.com/discovery/

Now, if you are using the new Office 365 unified API there is no need for using the discovery service as all the information is served from a single endpoint https://graph.microsoft.com

hope that helps

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Watson Discovery service create_collection() api call returns Error 415: Unsupported Media Type How to send and read mail using Microsoft graph api (python-o365) in Python Django using web app based authentication? Querying Office 365 Service Communications API with Python How to authenticate with Google Spreadsheets API using Python client / discovery service? Subscribe to Microsoft Office 365 Management Activity API: Authorization denied build an API service in Django Error with Watson Discovery API's add_document method Django test discovery fails Data Security : OCR in Microsoft Cognitive Service API What is Google API Discovery?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM