GyorgyAdorjan-7944 avatar image
0 Votes"
GyorgyAdorjan-7944 asked DanKershaw-5643 commented

Create extensionProperty - Insufficient privileges

I am trying to use Graph API to create an extension, but for some reason I am getting the "Insufficient privileges" error.
The application is using a client credentials provider, so it requires application permissions and not delegated ones.
The Microsoft documentation (application-post-extensionproperty) says that a permission of Application.ReadWrite.OwnedBy is needed.
I currently have three permissions set in my application:

  • Application.Read.All

  • Application.ReadWrite.OwnedBy

  • User.ReadWrite.All

All three are type "Application".

This is the code that I am trying to run:

 ExtensionProperty extensionProperty = new ExtensionProperty
     Name = extensionName,
     DataType = "string",
     TargetObjects = new List<String>
     ExtensionProperty result = await GraphClient.graphInstance.Applications[config["objectId"]].ExtensionProperties
     return "Extension created!";
 catch (Exception exError)
     return "Error while creating extension";

And it returns the error of:

 Status Code: Forbidden
 Microsoft.Graph.ServiceException: Code: Authorization_RequestDenied
 Message: Insufficient privileges to complete the operation.

If I list the extensions, that does not return an error - although the list is empty since there are no extensions created yet.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @GyorgyAdorjan-7944 - sorry for the late response. Not sure if you resolved the issue.
Can you send the full error message (including client request ID and the timestamp) so we can investigate further.

0 Votes 0 ·

0 Answers