Problem to list profileCardProperties

Kevin Bocquart 1 Reputation point


We were trying to add a custom attribute to out profile card, following that document :

Everything seems to be working fine.

So now, we wanted to list the Profile Card Properties using :

But we get that Error :

"error": { "code": "ErrorInsufficientPermissionsInAccessToken", "message": "Exception of type 'Microsoft.Fast.Profile.Core.Exception.ProfileAccessDeniedException' was thrown.",

Yes we are global admin, and the permissions mentioned in the document are present : User.Read, User.Read.All

What are we missing ? Thanks a lot ! Kev

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,008 questions
{count} votes

9 answers

Sort by: Most helpful
  1. Shayane Umar 1 Reputation point

    I am still getting the same error with this api -\<uid>/profile/phones?$select=number,type

    "error": {
    "code": "ErrorInsufficientPermissionsInAccessToken",
    "message": "Exception of type 'Microsoft.Fast.Profile.Core.Exception.ProfileAccessDeniedException' was thrown.",
    "innerError": {
    "date": "2021-03-05T15:05:09",
    "request-id": "65f1f3ee-d659-4359-b643-0ae3640d1ab3",
    "client-request-id": "97cd81d5-041f-db43-9041-1c9387b04a43"

    0 comments No comments

  2. Alexandr Rakushev 1 Reputation point

    I also have this issue:

    GET HTTP/1.1
    Connection: keep-alive
    sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="102", "Google Chrome";v="102"
    Authorization: Bearer ****
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36
    sec-ch-ua-platform: "Windows"
    Accept: /

    HTTP/1.1 403 Forbidden
    Cache-Control: no-cache
    Content-Type: application/json
    Vary: Accept-Encoding
    Strict-Transport-Security: max-age=31536000
    request-id: 9b88b3fa-d93a-4fcc-b9af-62599efedd54
    client-request-id: 9b88b3fa-d93a-4fcc-b9af-62599efedd54
    x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"West Europe","Slice":"E","Ring":"5","ScaleUnit":"001","RoleInstance":"AM4PEPF0001511C"}}
    Access-Control-Allow-Origin: *
    Access-Control-Expose-Headers: ETag, Location, Preference-Applied, Content-Range, request-id, client-request-id, ReadWriteConsistencyToken, SdkVersion, WWW-Authenticate, x-ms-client-gcc-tenant
    Date: Mon, 06 Jun 2022 08:36:49 GMT
    Content-Length: 328

    "error": {
    "code": "ErrorInsufficientPermissionsInAccessToken",
    "message": "Exception of type 'Microsoft.Fast.Profile.Core.Exception.ProfileAccessDeniedException' was thrown.",
    "innerError": {
    "date": "2022-06-06T08:36:49",
    "request-id": "9b88b3fa-d93a-4fcc-b9af-62599efedd54",
    "client-request-id": "9b88b3fa-d93a-4fcc-b9af-62599efedd54"

    0 comments No comments

  3. Estragon 1 Reputation point

    Hi guys! You need to add scope param to request as string:
    'profile openid email User.Read'

    From Russia with love )

    0 comments No comments

  4. debajitkiran 1 Reputation point

    Hello guys,

    You need to add below two consents

    User.ReadWrite, User.ReadWrite.All


    0 comments No comments