Get "403 Forbidden - No authorization information present on the request" when i try to get joined teams

Question

Get "403 Forbidden - No authorization information present on the request" when i try to get joined teams

Jane Lin 20

Hi,

I try to get joined teams with token:

https://graph.microsoft.com/v1.0/me/joinedTeams

but i get a 403 Forbidden response:

{
    "error": {
        "code": "Forbidden",
        "message": "No authorization information present on the request.",
        "innerError": {
            "date": "2024-08-19T07:17:21",
            "request-id": "004b1da7-702e-455e-9b93-f0396217203f",
            "client-request-id": "004b1da7-702e-455e-9b93-f0396217203f"
        }
    }
}

i can use the same token to get me/messages, and i also add team related permissions to the app

User's image

can anyone give me some suggestions to solve this issue?

thanks

Prasad-MSFT 10,466 Reputation points Microsoft External Staff Moderator

2024-08-19T09:52:31.96+00:00

We have tested the same Graph API and are able to get desired results.

Make sure you have added necessary permissions while running the Graph API as stated here:
https://learn.microsoft.com/en-us/graph/api/user-list-joinedteams?view=graph-rest-1.0&tabs=http#permissions
Jane Lin 20 Reputation points

2024-08-19T10:36:19.2533333+00:00
Hi @Prasad-MSFT ,

Thanks for your help with testing. From the UI it looks like you should be using Graph Explorer, right?

I also encountered problems when testing the joinedTeams API using Graph Explorer:

In the Modify Permissions tab, the required Permissions list cannot be listed.

When I click Open the permissions panel and join Team.ReadBasic.All, and then click the Run query button, 403 Forbidden still appears. Open the permissions panel again and you will find that Team.ReadBasic.All has not been successfully added.

Do you have any ideas to solve this problem?

Permissions for the query are missing on this tab. Open the permissions panel to see the full list of Microsoft Graph permissions and select the permission(s) you want and consent to them from there.

I'm wondering if this has something to do with the account type. I used a company email address to register an account. Does this count as a personal account or a work account?
Prasad-MSFT 10,466 Reputation points Microsoft External Staff Moderator

2024-08-20T05:20:05.39+00:00

Personal Microsoft account is not supported. You need to use work or school account with delegated permissions: TeamSettings.Read.All, TeamSettings.ReadWrite.All, User.Read.All, User.ReadWrite.All
Jane Lin 20 Reputation points

2024-08-20T05:56:56.4466667+00:00

OK, we will go to the supervisor to confirm the account type, thank you for your help！

Answer accepted by question author

0 additional answers

Your answer

Prasad-MSFT 10,466 Reputation points Microsoft External Staff Moderator

2024-08-19T09:52:31.96+00:00

We have tested the same Graph API and are able to get desired results.

Make sure you have added necessary permissions while running the Graph API as stated here:
https://learn.microsoft.com/en-us/graph/api/user-list-joinedteams?view=graph-rest-1.0&tabs=http#permissions
Jane Lin 20 Reputation points

2024-08-19T10:36:19.2533333+00:00

Hi @Prasad-MSFT ,

Thanks for your help with testing. From the UI it looks like you should be using Graph Explorer, right?

I also encountered problems when testing the joinedTeams API using Graph Explorer:

In the Modify Permissions tab, the required Permissions list cannot be listed.

When I click Open the permissions panel and join Team.ReadBasic.All, and then click the Run query button, 403 Forbidden still appears. Open the permissions panel again and you will find that Team.ReadBasic.All has not been successfully added.

Do you have any ideas to solve this problem?

Permissions for the query are missing on this tab. Open the permissions panel to see the full list of Microsoft Graph permissions and select the permission(s) you want and consent to them from there.

I'm wondering if this has something to do with the account type. I used a company email address to register an account. Does this count as a personal account or a work account?
Prasad-MSFT 10,466 Reputation points Microsoft External Staff Moderator

2024-08-20T05:20:05.39+00:00

Personal Microsoft account is not supported. You need to use work or school account with delegated permissions: TeamSettings.Read.All, TeamSettings.ReadWrite.All, User.Read.All, User.ReadWrite.All
Jane Lin 20 Reputation points

2024-08-20T05:56:56.4466667+00:00

OK, we will go to the supervisor to confirm the account type, thank you for your help！

Answer 1

Hitesh Pachipulusu - MSFT 3,640 Microsoft External Staff

Hello Jane Lin,

Thank you for contacting Microsoft Support!

I have tested the same Graph API endpoint in postman using delegated permissions and able to fetch the response. Please find the below screenshot.

image (7)

It sounds like you’re encountering an authorization issue when trying to access the joined teams endpoint. Here are a few things you can check:

Token Scope: Ensure that the token you’re using has the correct permissions. For accessing joined teams, you need the Team.ReadBasic.All permission.
Token Validity: Verify that the token is still valid and hasn’t expired. Use a tool like jwt.io to decode your token. This will allow you to see the token’s payload.

Hope this helps.

If the answer is helpful, please click Accept Answer and kindly upvote it. If you have any further questions about this answer, please click Comment.

Jane Lin 20 Reputation points

2024-08-19T10:52:24.4766667+00:00
Hi ,

Thank you for your help in testing and analyzing the reasons. Regarding your suggestions:

Token Scope: I have added Team.ReadBasic.All permission to the app. Is this correct?

Token Validity: With the same token, after I first tested joinedTeams and got 403 Forbidden, Then I tested me/messages and could still get the information successfully, so I think it should still be valid.

I tried to decode the token using jwt, but an error occurred and could not be parsed. Does this mean that my token is incorrect?

I'm wondering if this has something to do with the account type. I used a company email address to register an account. Does this count as a personal account or a work account?
Hitesh Pachipulusu - MSFT 3,640 Reputation points Microsoft External Staff

2024-08-19T11:14:40.34+00:00
Hello,

Permissions in Graph Explorer: Ensure that you’ve granted the necessary permissions in Graph Explorer. You can do this by clicking on the “Modify permissions” tab and ensuring Group.Read.All or Group.ReadWrite.All is checked along with Teams.ReadBasic.All.

Token Inclusion: Verify that the token is being included correctly in the Authorization header. Graph Explorer should handle this automatically, but it’s good to double-check.

If everything seems correct and you’re still getting a 403 Forbidden error, it might be helpful to:

Regenerate the Token: Try signing out and back in to Graph Explorer to get a fresh token.

Hope this helps.
Jane Lin 20 Reputation points

2024-08-20T05:53:38.4133333+00:00
Hi @Hitesh Pachipulusu - MSFT ,I tried to record the operation process of Graph Explorer, but the video format cannot be uploaded. My steps are as follows:

Switch to “Modify permissions” tab

show "Permissions for the query are missing on this tab. Open the permissions panel to see the full list of Microsoft Graph permissions and select the permission(s) you want and consent to them from there"

Click the "Open the permissions panel" link to expand the permissions panel and add these permissions: Group.Read.All, Group.ReadWrite.All, and Teams.Read.All

Show Scope consent successful

Click "Run query" and return 430 Forbidden

Show "Forbidden - 403 - 709 ms. Either the signed-in user does not have sufficient privileges, or you need to consent to one of the permissions on the Modify permissions tab"

Open the permission panel again to view, but Teams.Read.All is not consent.

Go to test /messages. The required permissions are listed and the data can be obtained successfully.

My colleagues and I are thinking that maybe admin authorization is needed. We will discuss it with our supervisor.

If we have any questions, we will submit a new question. Thank you very much for your help. :)
Prasad-MSFT 10,466 Reputation points Microsoft External Staff Moderator

2024-08-22T12:04:12.3033333+00:00

Jane Lin Could you please share your valuable feedback via Microsoft Teams Developer Community Response Feedback link?
Prasad-MSFT 10,466 Reputation points Microsoft External Staff Moderator

2024-08-22T12:04:39.4666667+00:00

Jane Lin, Could you please share your valuable feedback via Microsoft Teams Developer Community Response Feedback link?

Share via

Get "403 Forbidden - No authorization information present on the request" when i try to get joined teams

0 additional answers

Your answer