Getting forbidden while hitting the

Hamendra Kumar (HCL Technologies Ltd) 0 Reputation points Microsoft Vendor

Hi Team,

Now For the Token generation I am using below code :

var _clientApplication = ConfidentialClientApplicationBuilder.Create("clientid") .WithAuthority("") .WithClientSecret("Secret") .Build(); string GetaccessToken = _clientApplication.AcquireTokenForClient(scopes.ToArray()).ExecuteAsync().Result.AccessToken;

for invoking the graph Client object :

ClientSecretCredential clientSecretCredential = new ClientSecretCredential(tenantID, clientId, clientSecret);

GraphServiceClient graphClient = new GraphServiceClient(clientSecretCredential, scopes);

User me = await graphClient.Users["user-id"].GetAsync();

we are getting this.Token=GetaccessToken from above code

  1. By using the above token we are hitting URL("") to upload the app manifest file but we are getting forbidden Could you please tell me what wrong here, our token is generated by the clientID and Client Secret why it is not working here?
  2. User's image

0 commentsNo commentsReport a concern

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,772 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Stephen Baker 80 Reputation points

    Ensure that the access token is being correctly acquired and that it hasn’t expired. Tokens should be passed in the HTTP Authorization header as a Bearer token. Verify that the correct permission scopes are included in your token request. The scopes must match the permissions required by the Microsoft Graph API endpoint you’re calling. fidelity netbenefits If your application requires permissions that need admin consent, ensure that an administrator has granted consent for the required permissions in the Azure portal. Make sure you’re using the correct endpoint for the Microsoft Graph API. If you’re using /beta, be aware that features in the beta endpoint are subject to change and can have intermittent issues. If you’re using the client credentials flow, ensure that it’s properly configured. This flow is used for service-to-service calls that run in the background without a user. Consider using the Microsoft Authentication Library (MSAL) for acquiring tokens, as it provides a more streamlined and reliable way of handling token acquisition and refresh.