Permission denied

Meirzhan Askerbekov 1 Reputation point

Hello, I have created App on Azure and added to my app one user. I added required permissions. For me all api requests work well, but for other user don't work. I log in with that user and make request. Request:
GET /v1.0/users HTTP/1.1
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub...... { "error": { "code": "Authorization_RequestDenied", "message": "Insufficient privileges to complete the operation.", "innerError": { "date": "2021-03-01T09:04:03", "request-id": "d062cc41-7e91-4e50-a71b-c206f4346fb6", "client-request-id": "d062cc41-7e91-4e50-a71b-c206f4346fb6" } } }

This is decoded token: "scp": "Calendars.ReadWrite Directory.AccessAsUser.All Directory.Read.All Directory.ReadWrite.All OnlineMeetings.Read OnlineMeetings.ReadWrite User.Read User.Read.All User.ReadBasic.All User.ReadWrite.All profile openid email"


{"error":{"code":"NoPermissionsInAccessToken","message":"The token contains no permissions, or permissions can not be

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,068 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Vasil Michev 98,201 Reputation points MVP

    Which endpoint are you calling and did you consent to said permissions as admin (most of them require admin consent). You also seem to be using the EWS impersonate permissions, is your app based on the Graph API or EWS?

  2. Meirzhan Askerbekov 1 Reputation point

    I added user using POST
    It seems that there are constraints for guest user. So then I have created user via POST, for this user works fine.
    So how to give guest user all required permissions?