The token contains no permissions for other tenant
Hi,
I am using graph API for teams meeting. Its working for my tenant. But when I am taking consent from other tenant and getting the token. I am getting below error
EndPoint
https://graph.microsoft.com/v1.0/me/events
Payload:
{
"subject": "Interview",
"body": {
"contentType": "HTML",
"content": "Interview"
},
"start": {
"dateTime": "2021-11-03T10:21:00",
"timeZone": "Asia/Calcutta"
},
"end": {
"dateTime": "2021-11-03T22:21:00",
"timeZone": "Asia/Calcutta"
}, "location":{
"displayName":"My Meeting"
},
"attendees": [],
"isOnlineMeeting": true,
"allowNewTimeProposals": true,
"onlineMeetingProvider": "teamsForBusiness"
}
Response:
{"error":{"code":"NoPermissionsInAccessToken","message":"The token contains no permissions, or permissions can not be understood.","innerError":{"oAuthEventOperationId":"14666f0a-2c6d-4c2b-a799-815a2c3165b1","oAuthEventcV":"arfWscYr7/TC40YsjmIsqg.1.1","errorUrl":"https://aka.ms/autherrors#error-InvalidGrant","requestId":"0db02e10-ee27-41ef-b46c-414a4be3d3f6","date":"2021-11-03T06:17:06"}}}
I am using this URL to get consent
https://login.microsoftonline.com/{ {tenantID}}/oauth2/v2.0/authorize?
client_id={ {ClientID}}&response_type=code
&redirect_uri=https://hiredplus.sohum.com/ats/OutlookAccessToken
&response_mode=query&scope=User.Read+User.Read.All+User.ReadWrite.All+Calendars.Read+Calendars.ReadWrite+openid+email+profile+offline_access+Calendars.Read.Shared+Calendars.ReadWrite.Shared+Place.Read.All&state=12345
I am able to get consent from other tenant user.
when I get Code, I am generation accesstoken from the same.
when I use that access token in the https://graph.microsoft.com/v1.0/me/events API, I am getting error response like {"error":{"code":"NoPermissionsInAccessToken","message":"The token contains no permissions, or permissions can not be understood.","innerError":{"oAuthEventOperationId":"14666f0a-2c6d-4c2b-a799-815a2c3165b1","oAuthEventcV":"arfWscYr7/TC40YsjmIsqg.1.1","errorUrl":"https://aka.ms/autherrors#error-InvalidGrant","requestId":"0db02e10-ee27-41ef-b46c-414a4be3d3f6","date":"2021-11-03T06:17:06"}}}
This is working for my tenant.