Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,645 questions
Create extensionProperty - Insufficient privileges
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 84%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGA%3C/text%3E%3C/svg%3E)
Gyorgy Adorjan
1
Reputation point
I am trying to use Graph API to create an extension, but for some reason I am getting the "Insufficient privileges" error.
The application is using a client credentials provider, so it requires application permissions and not delegated ones.
The Microsoft documentation (application-post-extensionproperty) says that a permission of Application.ReadWrite.OwnedBy is needed.
I currently have three permissions set in my application:
- Application.Read.All
- Application.ReadWrite.OwnedBy
- User.ReadWrite.All
All three are type "Application".
This is the code that I am trying to run:
ExtensionProperty extensionProperty = new ExtensionProperty
{
Name = extensionName,
DataType = "string",
TargetObjects = new List<String>
{
"User"
},
};
try
{
ExtensionProperty result = await GraphClient.graphInstance.Applications[config["objectId"]].ExtensionProperties
.Request()
.AddAsync(extensionProperty);
return "Extension created!";
}
catch (Exception exError)
{
Debug.WriteLine(exError.ToString());
return "Error while creating extension";
}
And it returns the error of:
Status Code: Forbidden
Microsoft.Graph.ServiceException: Code: Authorization_RequestDenied
Message: Insufficient privileges to complete the operation.
If I list the extensions, that does not return an error - although the list is empty since there are no extensions created yet.
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(268.8, 14.000000000000002%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDK%3C/text%3E%3C/svg%3E)
Dan Kershaw 416 Reputation points Microsoft Employee2021-10-23T15:55:40.767+00:00 Hi @Gyorgy Adorjan - sorry for the late response. Not sure if you resolved the issue.
Can you send the full error message (including client request ID and the timestamp) so we can investigate further.
Sign in to comment