stackoom
  简体   繁体   中英

MsalServiceException: AADSTS500011: The resource principal named https://graph.microsoft.com/v1.0 not found

 原文  2020-09-08 06:48:29       c#/ asp.net/ azure-active-directory/ microsoft-graph-api

Question

Scope value = "https://graph.microsoft.com/.default" OR "https://graph.microsoft.com/beta"

gives below err in asp.net c#.

MsalServiceException: AADSTS500011: The resource principal named https://graph.microsoft.com/v1.0 was not found in the tenant named 'xxxxxxxx'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant.

code:

string clientId = AppClientID;
        string clientSecret = Secret;
        string redirectUri =`enter code here` System.Configuration.ConfigurationManager.AppSettings["redirectUri"]; 
        string authority = "https://login.microsoftonline.com/" + tenantID;              
        string[] scopes = new string[] { "https://graph.microsoft.com/.default" };        
        //string[] scopes = new string[] { "https://graph.microsoft.com/beta/.default" };        
        IConfidentialClientApplication app = ConfidentialClientApplicationBuilder
            .Create(clientId)
            .WithRedirectUri(redirectUri)
            .WithClientSecret(clientSecret)
            .WithAuthority(authority)
            .Build();
        AuthorizationCodeProvider auth = new AuthorizationCodeProvider(app, scopes);
        GraphServiceClient graphServiceClient = new GraphServiceClient(new DelegateAuthenticationProvider(async (requestMessage) =>
        {           
            var authResult = app.AcquireTokenForClient(scopes).WithAuthority(authority, true).ExecuteAsync().Result.AccessToken.ToString();
            requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authResult);
        }));      
        var onlineMeeting = new OnlineMeeting
        {
            StartDateTime = DateTimeOffset.Parse("2021-07-12T21:30:34.2444915+00:00"),
            EndDateTime = DateTimeOffset.Parse("2021-07-12T22:00:34.2464912+00:00"),
            Subject = "My First MS Teams Meeting"
        };
        await graphServiceClient.Me.OnlineMeetings.Request().AddAsync(onlineMeeting);

1 answers

solution1
 1 ACCPTED  2020-09-08 10:36:33

  1. If I set " scope " to https://graph.microsoft.com/v1.0/.default , your problem can be reproduced, so please make sure to set "scope" to https://graph .microsoft.com/.default .

在此处输入图片说明

  1. You cannot use the [AcquireTokenForClient][2] function in the auth code flow to obtain a token. It is generally applied to the client credential flow . This flow does not require user login, so even if you use this function to obtain a token, it is not correct. You can parse the To view the token, it does not have the permissions you added in the portal. For the auth code flow , you should use AcquireTokenByAuthorizationCode to obtain the token, as Pamela mentioned.

Use AcquireTokenByAuthorizationCode to obtain the token and parse:

在此处输入图片说明 在此处输入图片说明

3.Code: 

            string clientId = "{clientId}";
            string clientSecret = "{clientSecret}";
            string redirectUri = "{redirectUri}";
            string authority = "https://login.microsoftonline.com/{tenant id}";
            string authorizationCode = "code";

            string[] scopes = new string[] { "https://graph.microsoft.com/.default" };

            IConfidentialClientApplication app = ConfidentialClientApplicationBuilder
                .Create(clientId)
                .WithRedirectUri(redirectUri)
                .WithClientSecret(clientSecret)
                .WithAuthority(authority)
                .Build();

            AuthorizationCodeProvider auth = new AuthorizationCodeProvider(app, scopes);

            GraphServiceClient graphServiceClient = new GraphServiceClient(new DelegateAuthenticationProvider(async (requestMessage) => {

                // Retrieve an access token for Microsoft Graph (gets a fresh token if needed).
                var authResult = await app.AcquireTokenByAuthorizationCode(scopes, authorizationCode).ExecuteAsync();

                // Add the access token in the Authorization header of the API request.
                requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authResult.AccessToken);

            })
            );

            var onlineMeeting = new OnlineMeeting
            {
                StartDateTime = DateTimeOffset.Parse("2021-07-12T21:30:34.2444915+00:00"),
                EndDateTime = DateTimeOffset.Parse("2021-07-12T22:00:34.2464912+00:00"),
                Subject = "My First MS Teams Meeting"
            };

            await graphServiceClient.Me.OnlineMeetings.Request().AddAsync(onlineMeeting);

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Azure Function App w/ 0Auth error - ERROR: AADSTS500011: The resource principal named AAD Object ID of a rooms on running https://graph.microsoft.com/v1.0/places/microsoft.graph.room AADSTS500011 - PowerBi C# .NET (resource x not found in tenant y) Get SharePoint Access token from already generated access token for the Microsoft Graph resource (https://graph.microsoft.com) MS Graph v1.0 Profile Picture Ressource Not Found PATCH request on https://graph.microsoft.com/beta/applications returns 403 Issue in Converting the Users Results from Microsoft Graph API V1.0 to Json Getting Forbidden 403 error while creating OnlineMeeting using Microsoft Graph v1.0 SDK Unable to search Microsoft Graph Api V1.0 users using Wildcard search pattern Microsoft Graph REST API v1.0 Get listItem(10.000.000 List Item from a SharePoint list)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM