Site Salt 0 Reputation points

I have an app registered on Azure (free plan), which I want to use to read the emails from the Outlook inbox, with PHP. I set these permissions in order to be able to query the Graph API:

User's image

I have successfully redeemed an access token from my PHP app. With this token, I get a successful response on{id}:

    "@odata.context": "$metadata#users/$entity",
    "businessPhones": [],
    "displayName": "My Display Name",
    "givenName": "My Name",
    "jobTitle": null,
    "mail": null,
    "mobilePhone": null,
    "officeLocation": null,
    "preferredLanguage": "en",
    "surname": "My Surname",
    "userPrincipalName": "",
    "id": "aaaaaaaa-bbbb-cccc-..."

The scope of this token is also suitable for what I need:

User's image

However, when I want to query{id}/mailfolders/inbox/messages?$orderby=receivedDateTime DESC for instance, I get this response:

    "error": {
        "code": "OrganizationFromTenantGuidNotFound",
        "message": "The tenant for tenant guid 'aaaaaaaa-bbbb-cccc-...' does not exist.",
        "innerError": {
            "oAuthEventOperationId": "27e88783-1c1e-48f7-be98-f555a5332497",
            "oAuthEventcV": "RkY2sv+z7pLFXJ0v7Oa18Q.1",
            "errorUrl": "",
            "requestId": "9565f55c-71b9-4885-a61f-746caed65588",
            "date": "2023-03-18T15:23:24"

I did an extensive search about this error, but found nothing. One answer I found states that I need a "need a Microsoft office 365 account with a subscription". The plan I currently use is free. It also prompts me to buy Microsoft 365:

User's image

Is this a limitation of the free plan, which denies me the ability to read emails through the Graph api?

Or is there something wrong I'm doing?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,562 questions
Microsoft Graph Mail API
Microsoft Graph Mail API
A Microsoft API that supports accessing data in users' primary mailboxes and in shared mailboxes.
729 questions
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
865 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Shivam Dhiman-MSFT 5,186 Reputation points Microsoft Vendor

    Hi @Site Salt

    Error 401 Unauthorized 'OrganizationFromTenantGuidNotFound' generally occurs when your Azure AD does not have Office 365 account to work.
    As per the last screenshot, the account which you are trying to access is not present in your tenant. Please make sure, user which you are trying to access is present in your tenant and have valid subscription.

    Also, to get Mailbox of User (if not shared) you need to use Application permissions.

    Hope this helps.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have further questions about this answer, please click "Comment"