msGraph application: addKey returns with insufficient privileges

David Li 0 Reputation points
2023-07-06T04:27:59.1766667+00:00

This is related to https://learn.microsoft.com/en-us/graph/api/application-addkey?view=graph-rest-1.0&tabs=http

I have a valid certificate created, access token is via client credential based on https://learn.microsoft.com/en-us/azure/active-directory/develop/certificate-credentials

the error I got after calling addKey endpoint:

{
error: {
code: 'Authorization_RequestDenied',
message: 'Insufficient privileges to complete the operation.',
innerError:

{ date: '2023-07-06T03:07:29', 'request-id': 'df9d9173-79ae-43cd-be16-22f9502f784e', 'client-request-id': 'df9d9173-79ae-43cd-be16-22f9502f784e' }

}
}

Based on what the page says: An application does not need any specific permission to roll its own keys. I have no ideas why I am getting this insufficient privileges issue. Any helps would be greatly appreciated.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,859 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. Dillon Silzer 57,601 Reputation points
    2023-07-06T05:23:23.3766667+00:00

    Make sure that you have granted the following API permissions:

    User's image

    Also, try disconnecting from Graph and reconnecting to the API from the terminal.


    If this is helpful please accept answer.

    0 comments No comments

  2. David Li 0 Reputation points
    2023-07-06T05:33:05.8266667+00:00

    I IUser's image

    I am trying to upload a new certificate to my own account where app is registered, based on the words highlighted in purple, I should not need any permission to do it, unless I misunderstood.

    The application permissions are needed when uploading certificate to the account where my app is installed which is not my case. again i would be wrong.

    Please correct me if any mistakes. Thanks


  3. David Li 0 Reputation points
    2023-07-13T06:18:29.1833333+00:00

    Any ideas anyone?

    All helps would be greatly appreciated

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.