Permissions needed to access plans in Graph API

Sabbagh, Jesse 1 Reputation point
2021-10-12T22:28:47.617+00:00

I have registered an app in the Azure portal and given the following permissions:

ChannelMessage.Read.All
Group.Read.All
Group.ReadWrite.All
IdentityRiskyUser.ReadWrite.All
offline_access
Tasks.Read
Tasks.Read.Shared
Tasks.ReadWrite
Tasks.ReadWrite.Shared
Teamwork.Migrate.All
User.Read

I am attempting to call the following API:

https://graph.microsoft.com/v1.0/planner/plans/U6cu4idEi0W1*****/tasks

And I get the response:

401 - Unauthorized: Access is denied due to invalid credentials.
You do not have permission to view this directory or page using the credentials that you supplied.

When I get a token using my personal Azure account, it works fine so I know I am calling the right endpoint and passing the correct headers/body. What permissions could I be missing?

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,672 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. CarlZhao-MSFT 37,216 Reputation points
    2021-10-13T02:24:23.577+00:00

    The 401 error should be caused by you using the client credential flow. The api endpoint currently only supports Tasks.Read delegated permissions, so you need to log in with an Azure AD work account and use the auth code flow to obtain a token.

    By the way, the api endpoint does not support personal Microsoft accounts. If your account is an Azure AD account, then it is a work account, so it works fine.

    139990-image.png

    If an Answer is helpful, please click "Accept Answer" and upvote it.

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.