How to authenticate and list users / run different graph ql api's using Microsoft graph API

Question

I've created an enterprise application /application registration in azure cloud console . And created web credentials client secret.

https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/add-application-portal

I am using microsoft go sdks to authenticate with client secrets and get the list of users / list of apps / graph client current user that are part of the enterprise application which I created earlier. Please find the below code. However following code is returning error every time on go sdk calls.

package main

import (
    "context" 
    "fmt" 
    "github.com/Azure/azure-sdk-for-go/sdk/azidentity"
    "github.com/Azure/go-autorest/autorest/to" 
    msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
    msgraphcore "github.com/microsoftgraph/msgraph-sdk-go-core" 
    a "github.com/microsoftgraph/msgraph-sdk-go-core/authentication" 
    "github.com/microsoftgraph/msgraph-sdk-go/applications" 
    "github.com/microsoftgraph/msgraph-sdk-go/models" 
    "github.com/microsoftgraph/msgraph-sdk-go/users" 
    "log" 
)

func main() {

    cred, err := azidentity.NewClientSecretCredential("dd....", "10...", "LV....", nil)
    
    if err != nil {
        log.Fatal(err)
    }
    
    auth, err := a.NewAzureIdentityAuthenticationProviderWithScopes(cred, []string{"https://graph.microsoft.com/.default"})
    if err != nil {
        log.Fatal(err)
    }
    requestAdapter, err := msgraphsdk.NewGraphRequestAdapter(auth)
    if err != nil {
        log.Fatal(err)
    }
    
    graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
    query := users.UserItemRequestBuilderGetQueryParameters{
        Select: []string{"displayName", "jobTitle"},
    }
    
    options := users.UserItemRequestBuilderGetRequestConfiguration{
        QueryParameters: &query,
    }
    
    result, err := graphClient.Me().Get(context.Background(), &options)
    if err != nil {
        fmt.Printf("Error getting users: %v\n", err)
        log.Fatal(err)
    }
    
    appGetOptions := &applications.ApplicationsRequestBuilderGetRequestConfiguration{
        QueryParameters: &applications.ApplicationsRequestBuilderGetQueryParameters{
            Filter: to.StringPtr(getDisplayNameFilter("swagger")),
        },
    }
    
    _, err_ := graphClient.Applications().Get(context.Background(), appGetOptions)
    if err_ != nil {
        log.Fatal(err_)
    }

}

func getDisplayNameFilter(displayName string) string {
 return fmt.Sprintf("displayName eq '%s'", displayName) 
}

When I run the above code the following error is encountered with response code as 0.

Error getting users: error status code received from the API

Can you please let me know what am I doing wrong that's causing the errors while running the program? Do I need to enable some setting on azure enterprise application to get valid response ?

Answer 1

Hi @Bala GHALI

If you are using application permissions, don't try to get the current user as the user login does not exist in the application context.

Also, if you are trying to retrieve a list of all users assigned for a given enterprise application, refer to the following code.

appRoleAssignedTo, err := graphClient.ServicePrincipals().ByServicePrincipalId("servicePrincipal-id").AppRoleAssignedTo().Get(context.Background(), nil)

Hope this helps.

If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.