Error: "OrganizationFromTenantGuidNotFound" (even with Microsoft 365 subscription)

Laia 0 Reputation points
2023-03-28T07:59:46.28+00:00

I'm trying to get the events from outlook calendar but I get an error doing so. I have an app registered on Azure Portal (free plan), which I'm using to read the events with Nodejs. This are the permissions I've set in order to be able to query the Microsoft Graph API:

User's image

Using https://login.microsoftonline.com/{tenantId}/oauth2/authorize?client_id={clientId}&response_type=code&redirect_uri=http://localhost:3000&scope=https://graph.microsoft.com/.default openid profile offline_access&state=12345 I've been able to get a {code} which I'm using to redeem an access token using https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token with this body parameters: 

{
    "grant_type": "authorization_code",
    "code": "{code}",
    "redirect_uri": "http://localhost:3000",
    "client_id": "{clientId}",
    "client_secret": "{clientSecret}",
    "scope": "https://graph.microsoft.com/.default openid profile offline_access"
}

I believe that the scope of this token is also suitable for what I need:User's image

When I try to make a request to https://graph.microsoft.com/v1.0/{tenantId}/users or even https://graph.microsoft.com/v1.0/997f56e7-06b6-44ad-be6a-3cc7377ae54a/users/{userId}, I get the users data without problems. The response looks like this:

{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity",
    "businessPhones": [],
    "displayName": "My Display Name",
    "givenName": "My Name",
    "jobTitle": null,
    "mail": null,
    "mobilePhone": null,
    "officeLocation": null,
    "preferredLanguage": "en",
    "surname": "My Surname",
    "userPrincipalName": "...@....onmicrosoft.com",
    "id": "aaaaaaaa-bbbb-cccc-..."
}

But when I make a request to https://graph.microsoft.com/v1.0/{tenantId}/users/{userId}/calendars I get the following error:

{"error":{"code":"OrganizationFromTenantGuidNotFound","message":"The tenant for tenant guid
'997f56e7-06b6-44ad-be6a-3cc7377ae54a' does not
exist.","innerError":{"oAuthEventOperationId":"bf9e026f-6160-4975-8952-1796d0903882","oAuthEventcV":"tiG/jGvOvqjHEw5i0jde2Q.1","errorUrl":"https://aka.ms/autherrors#error-InvalidTenant","requestId":"b274ff09-22e7-48ff-abfa-1703c90ad358","date":"2023-03-28T07:42:17"}}}

I followed this documentation: https://learn.microsoft.com/en-us/graph/api/user-list-calendars?view=graph-rest-1.0&tabs=http

Also, I did an extensive search about this error and I found that I needed a Microsoft 365 subscription, so I bought one. I currently have the Microsoft 365 personal plan.

User's image

And I added the Office 365 Management APIs permissions on Azure Portal:

User's image

I still have the same issue, do I need to set up the tenant again? Do I need to change something in the configuration or am I missing something? Maybe I don't have the right subscription, do I need a Microsoft 365 Business subscription? How can I solve it?

What's interesting is that when I try to make the exact same requests using the Microsoft Graph Explorer it works as expected. And if I use the token given there in Access token tab in my backend it works as well, so I believe the problem is with the token I'm getting.

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
3,755 questions
Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,550 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-03-28T09:21:12.2033333+00:00

    Hi @Laia,

    Thanks for reaching out!

    'OrganizationFromTenantGuidNotFound' occurs when your Azure AD does not have Office 365 account to work. Therefore, it cannot have /events. /Users works because that is an Azure AD endpoint.

    If you want to access your calendar for your development O365 tenant, register the app in your O365 AAD tenant that you got when you created the development tenant.

    Please follow the below steps:

    • You need Microsoft 365 account with subscription
    • In your azure portal login with your Office 365 account
    • Create app in Azure active directory under App registration and give permissions according to the documentation
    • Then use your calendar endpoint for users.

    You were getting user data users/{users-id} with this API because its Azure AD endpoint.

    You need delegated token with permissions 'Calendars.Read, Calendars.Read.Shared, Calendars.ReadWrite' to use 'me/calendars' endpoint.

    You need application permissions 'Calendars.Read, Calendars.ReadWrite' to use 'users/{userId}/calendars' endpoint.

    Hope this helps.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have further questions about this answer, please click "Comment".