Please help, POST request isnt working in Graph API, getting this error:User not authorized to perform this operation.

Jack Finch 25 Reputation points
2023-08-03T02:24:36.75+00:00

Hi,

Please help, im trying to publish a teams app using the Azure Graph Api however it isnt working, im getting this error:

{"error":{"code":"Forbidden","message":"User not authorized to perform this operation. UserId:..... TenantId: .....

Im not sure what else to do, heres my code:

# URL to request the token
token_url="https://login.microsoftonline.com/$tenant/oauth2/v2.0/token"

data="client_id=$client_id&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default&client_secret=$client_secret&grant_type=client_credentials"

response=$(curl -s -X POST -d "$data" -H "Content-Type: application/x-www-form-urlencoded" "$token_url")

access_token=$(echo "$response" | jq -r '.access_token')


file_location="@manifests/myApp/manifest.zip"

echo "Access Token: $access_token"

#POST request, doesn't work
-H "Authorization: Bearer $access_token" \ 
-H "Content-type: application/zip" \ 
--data-binary "$file_location" \ 
"https://graph.microsoft.com/beta/appCatalogs/teamsApps"

#Get Request (Works perfectly fine)
#curl -s -H "Authorization: Bearer $access_token" -H "ConsistencyLevel: eventual" "https://graph.microsoft.com/v1.0/appCatalogs/teamsApps"


Heres my request token body that contains the roles:

",
  "roles": [
    "AppCatalog.ReadWrite.All",
    "Directory.ReadWrite.All"
  ],

Any help is greatly appreciated, i'm not sure what else to try.

Kind Regards,

Jack.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
9,942 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
1,854 questions
{count} vote

Accepted answer
  1. CarlZhao-MSFT 34,701 Reputation points
    2023-08-03T06:58:34.9633333+00:00

    Hi @Jack Finch

    This is because the Publish teamsApps API does not yet support application permissions, you should grant your app one of the following delegated permissions, then use the delegated authentication flow (auth cod flow or ROPC flow) to obtain an access token.

    User's image

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

    1 person found this answer helpful.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Jack Finch 25 Reputation points
    2023-08-03T15:49:57.8566667+00:00

    It worked! Thank you so much for your help, I appreciate it.

    0 comments No comments