This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(166.4, 21%, 26%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERN%3C/text%3E%3C/svg%3E)
The Microsoft graph API for androidManagedStoreAppConfiguration always giving 403 Forbidden error, while permissions required to call this API as background application already given to app.
The API is working when we authenticate with user credentials but always giving 403 when calling as application-level with admin consent.
Please find the details as:
Request: https://graph.microsoft.com/beta/deviceAppManagement/mobileAppConfigurations
Body:
{
"profileApplicability": "default",
"roleScopeTagIds": [],
"packageId": "Package Id value",
"payloadJson": "Payload Json value",
"permissionActions": [],
"description": "Description value",
"displayName": "Display Name value",
"targetedMobileApps": [
"78275341-6d68-4f17-8755-d05f7c4bdf9a"
],
"@odata.type": "#microsoft.graph.androidManagedStoreAppConfiguration"
}
Request Type: POST
Authentication Type: Consented by Administrator
Authentication Scope: .default
Permissions: DeviceManagementApps.ReadWrite.All
Call Reference: https://learn.microsoft.com/en-us/graph/api/intune-apps-androidmanagedstoreappconfiguration-create?view=graph-rest-beta
Even after providing all application-level permission just to check if some permission causing issue, it's still giving 403-Forbidden.
Please advise if anyone has some leads.
Hi Rahul,
"Microsoft graph API for androidManagedStoreAppConfiguration always giving 403 Forbidden error"
This error can occur due to various reasons, related with valid access token, permissions scope, token type and permissions match. Some of these can be an alarm for you?