When generating an access token for Microsoft Graph API via ADAL, Graph API does not accept the token.
{
"odata.error": {
"code": "Authorization_RequestDenied",
"message": {
"lang": "en",
"value": "Insufficient privileges to complete the operation."
}
}
}
The application should read all users of a tenant. The application is configured to have User.Read.All
privileges. The application consent is granted by the tenant, where the users should be read from - the application does appear with the privileges in Azure Portal.
The application worked a few days ago and I changed nothing. Other applications using the same way to authenticate work.
It seems, that the documentation from microsoft is not correct. Listing users requires the Directory.Read
permission.
According to Microsoft it is not clear, if this is a bug in Graph API or the documentation is wrong.
An issue is open at Github here .
This issue was fixed in an update of the Graph API in May 2017.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.