question

AlexanderMoreno-4546 avatar image
0 Votes"
AlexanderMoreno-4546 asked Deva-MSFT edited

oidmismatch in token and url for Create Online Meeting

Hi,

I am currently trying to create Online Meetings through the Microsoft Graph API.

Currently, I have created an App, and have given it scope permissions to give me a list of users, and create Online Meetings.

Scope Permissions:
84099-image.png

At the moment, I am using an AD Account to Grant access to my App, and GET a list of users within the org.

When i use MY Microsoft Account ID, i am able to successfully create a meeting, and invite users through Teams. However, When I replace the userID on the URL:
* https://graph.microsoft.com/v1.0/users/<Microsoft User ID goes here>/onlineMeetings

When I replace the given User ID with a different user, it gives me an error of:

 {
   "error": {
     "code": "BadRequest",
     "message": "oid mismatch in token and url (token=TokenErrorCode url=<Microsoft AD Account User>). Current support is only for /me endpoint.",
     "innerError": {
       "date": "2021-04-02T21:09:35",
       "request-id": "96e2d559-095b-4b31-9b9b-b1c7b0198e38",
       "client-request-id": "96e2d559-095b-4b31-9b9b-b1c7b0198e38"
     }
   }
 }

I thought the scope permissions I had, was suppose to give access to everyone in the Org. Is there a setting I have wrong in the OAuth flow. Or is there a setting I need turned on?

Thanks




office-teams-app-devmicrosoft-graph-teamworkmicrosoft-graph-applications
image.png (45.7 KiB)
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Adding right teams/tags to assist.

0 Votes 0 ·

1 Answer

Deva-MSFT avatar image
0 Votes"
Deva-MSFT answered Deva-MSFT edited

I think the above error is pretty clear. I see that when you try delegated permissions it works, but when try to perform the call on behalf of others then it doesn't support or throws the error. But you never mentioned when you tried making application permission call whether the token contains the necessary scopes/permissions or not. In addition to that you need to check the documentation - refer important section as it talks about Administrators must create an application access policy and grant it to a user, authorizing the app configured in the policy to create an online meeting on behalf of that user (user ID specified in the request path).


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.