Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,645 questions
Graph Explorer Token vs App only or user based
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 5%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
JRFM
1
Reputation point
Hi, I am wondering what the discrepancy is between the graph explorer access token and the token I am retrieving using postman & my .NET web api.
When using the Graph explorer I am unhindered when running queries. However, when I use the same user/password on postman suddenly those queries do not work.
I have used jwt.ms to look at the token scopes/permissions and the tokens I retrieve from postman have all permissions and more. I have also consented to the permissions on Azure.
Many of the queries I run on postman work but the moment I do a POST such as where I am trying to add a folder to a SharePoint site, I only receive a Bad Request with the message Invalid request; however, grab the token from the Graph Explorer and use it to make the same request in postman and everything works fine.
The query is as so: https://graph.microsoft.com/v1.0/sites/{siteId}/drives/{driveId}/root/children HttpMethod: POST
I have dug around the ms docs but cannot seem to figure out why only the graph explorer access token works.
I have tried with an App-only access token (the preferred choice). I have tried on behalf of the user.
The only impediment is the Access Token.
Additionally, the company admin IT himself has no answers and has not been able to help. We are both puzzled.
I appreciate all or any help.
{count} votes
-
Deva-MSFT 2,256 Reputation points Microsoft Employee2021-04-04T04:20:31.943+00:00 Adding right tags/teams to assist
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 27%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDO%3C/text%3E%3C/svg%3E)
Danstan Onyango 3,741 Reputation points Microsoft Employee2021-04-06T10:09:57.737+00:00 Please provide details of how you acquire the access token using Postman with the scopes requested. If you are using application permissions provide the scopes added to the applications in AAD.
Also the full error message can help understand what is going wrong. One of the required permissions as listed here but be present. Can you share the difference between the scopes/roles you see in jwt.ms
Sign in to comment