Getting -"Either scp or roles claim need to be present in the token" and Access Denied while using Graph API to upload files to sharepoint

Question

Initially when I tried to generate the token using the url - https://login.microsoftonline.com/tenant-id/oauth2/v2.0/token I was able to fetch the Bearer token using grant_type, client_id, scope and client_secret in the body.
But when I tried to fetch the driver_id using the url - https://graph.microsoft.com/v1.0/drives and Authorization in Headers, I am facing the following error :
"error": {
"code": "AccessDenied",
"message": "Either scp or roles claim need to be present in the token.",
"innerError": {
"date": "2022-12-12T10:44:02",
"request-id": "45bxxxxxxxxxxx38e3c23e38",
"client-request-id": "45b1xxxxxxxxx8-7d38e3c23e38"
}
}
}

The API permissions that I have granted are:

I tried to decode the token as well through the decoder site but could not find any roles.
I am not able to figure out the mistake.
Thankyou

Answer 1

The permissions you've granted correspond to the Delegate permissions model, whereas you seem to be using the client credentials (application permissions) flow to obtain a token. Either add the same permissions, but in the application permissions model, or use one of the user-centric flows to obtain a token. For example: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow

Answer 2

Hi, here the problem is with the Graph API permissions in the Azure App registration. Here is the YouTube video for this how to fix this issue:

How to fix this error "Either SCP or Roles Claim need to be present in the token" - https://youtu.be/YJ_RcdRl2-g

How to upload file to SharePoint using Graph API and Postman tool: https://youtu.be/uiUdZDfhbRw