In the case that the error says access between first-party applications must be handled via preauthorization, the issue is because the user is signed in as a service principal. The command should succeed if it is executed by a user instead.
API to get foreign exchange rates
We are attempting to use the API call detailed from
https://learn.microsoft.com/en-us/partner/develop/get-foreign-exchange-rates
to get foreign exchange rates and have followed the prerequisites for setting up an App Registration with the correct permissions and access.
Graph API request for which you are seeing the problem is https://api.partner.microsoft.com/v1.0/sales/fxrates
Question: Graph API error message
Answer: {
'error': {
'code': 'Unauthorized',
'message': 'The caller is not authorized to perform the action.',
'innerError': {
'code': 'UnauthorizedAccess',
'message': ''
}
}
}
401 failed to authorize : AADSTS65002: Consent between first party application 'REDACTED GUID' and first party resource 'REDACTED GUID must be configured via preauthorization. Visit https://identitydocs.azurewebsites.net/static/aad/preauthorization.html for details Trace ID: 5b95431c-317c-4599-8490-b16703d1eb00 Correlation ID: 5815cbd6-b64e-495b-be84-2668d4bcb4da Timestamp: 2020-11-05 15:09:50Z (invalid_grant)
I've been following the steps and prerequisites in the following partner pricing scenario: https://learn.microsoft.com/en-us/partner/develop/get-foreign-exchange-rates
First we've been requesting a OAuth2 token via the:
https://login.microsoftonline.com/{<!-- -->{tenantId}}/oauth2/token endpoint with the resource of:
https://api.partner.microsoft.com
And using that token in the https://api.partner.microsoft.com/v1.0/sales/fxrates endpoint which returns the error message mentioned in the Graph API error message field.
1 answer
Sort by: Most helpful
-
Marilee Turscak-MSFT 36,846 Reputation points Microsoft Employee
2020-11-14T00:10:35.303+00:00