Getting -"Either scp or roles claim need to be present in the token" and Access Denied while using Graph API to upload files to sharepoint

Kompal Sithta 71 Reputation points
2022-12-12T11:15:46.73+00:00

Initially when I tried to generate the token using the url - https://login.microsoftonline.com/tenant-id/oauth2/v2.0/token I was able to fetch the Bearer token using grant_type, client_id, scope and client_secret in the body.
But when I tried to fetch the driver_id using the url - https://graph.microsoft.com/v1.0/drives and Authorization in Headers, I am facing the following error :
"error": {
"code": "AccessDenied",
"message": "Either scp or roles claim need to be present in the token.",
"innerError": {
"date": "2022-12-12T10:44:02",
"request-id": "45bxxxxxxxxxxx38e3c23e38",
"client-request-id": "45b1xxxxxxxxx8-7d38e3c23e38"
}
}
}

The API permissions that I have granted are:
269578-permissions.png

I tried to decode the token as well through the decoder site but could not find any roles.
I am not able to figure out the mistake.
Thankyou

Microsoft Security | Microsoft Graph
{count} votes

2 answers

Sort by: Most helpful
  1. Vasil Michev 119.9K Reputation points MVP Volunteer Moderator
    2022-12-12T14:31:38.813+00:00

    The permissions you've granted correspond to the Delegate permissions model, whereas you seem to be using the client credentials (application permissions) flow to obtain a token. Either add the same permissions, but in the application permissions model, or use one of the user-centric flows to obtain a token. For example: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow

    1 person found this answer helpful.

  2. Lab Admin 2 0 Reputation points
    2025-03-12T04:47:43.43+00:00

    Hi, here the problem is with the Graph API permissions in the Azure App registration. Here is the YouTube video for this how to fix this issue:

    How to fix this error "Either SCP or Roles Claim need to be present in the token" - https://youtu.be/YJ_RcdRl2-g

    How to upload file to SharePoint using Graph API and Postman tool: https://youtu.be/uiUdZDfhbRw

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.