Tenant does not have a SPO license. With Onedrive Service e O365 family license

Silvano Montanari 1 Reputation point
2022-02-20T15:01:02.577+00:00

Good morning

I'm a new user and I know that the problem is not new but I do not found a solution.

I use python MSAL library to call the ms graph API.

I have a tenant with O365 family license and I verified that the tenant in Azure AAD is the same for my O365 license

The python code is OK to get info on my profile but i have the error with "application" method:
https://graph.microsoft.com/v1.0/users/c9445de4-23db-4596-a1d3-7760dce5a3a6/drive/root

{  
  "error": {  
    "code": "BadRequest",  
    "message": "Tenant does not have a SPO license.",  
    "innerError": {  
      "date": "2022-02-17T10:34:31",  
      "request-id": "a0f521e4-d673-4856-b248-ff480a248ab9",  
      "client-request-id": "a0f521e4-d673-4856-b248-ff480a248ab9"  
    }  
  }  
}

and with the "delegate" methode
https://graph.microsoft.com/v1.0/me/drive/root

{  
  "error": {  
    "code": "BadRequest",  
    "message": "Tenant does not have a SPO license.",  
    "innerError": {  
      "date": "2022-02-17T11:09:33",  
      "request-id": "24b27408-6dfe-4612-84d9-b5c184225cdc",  
      "client-request-id": "24b27408-6dfe-4612-84d9-b5c184225cdc"  
    }  
  }  
}

I have the same problem with Java:

package com.example;  

import java.util.Arrays;  
import java.util.List;  

import com.azure.identity.ClientSecretCredential;  
import com.azure.identity.ClientSecretCredentialBuilder;  
import com.microsoft.graph.authentication.TokenCredentialAuthProvider;  
import com.microsoft.graph.models.Drive;  
import com.microsoft.graph.requests.GraphServiceClient;  
import com.microsoft.graph.requests.UserCollectionPage;  

public class App   
{  
    public static void main( String[] args )  
    {  
        String tenant = "<my tenant>";  
        String clientId = "<my client>";  
        String clientSecret = "<my secret>";  

        List<String> scopes = Arrays.asList("https://graph.microsoft.com/.default");  

        try {  
            final ClientSecretCredential clientSecretCredential = new ClientSecretCredentialBuilder()  
            .clientId(clientId)  
            .clientSecret(clientSecret)  
            .tenantId(tenant)  
            .build();  

            final TokenCredentialAuthProvider tokenCredentialAuthProvider = new TokenCredentialAuthProvider(scopes, clientSecretCredential);  

            final GraphServiceClient graphClient = GraphServiceClient  
                .builder()  
                .authenticationProvider(tokenCredentialAuthProvider)  
                .buildClient();  

            final UserCollectionPage me = graphClient.users().buildRequest().get();  

            System.out.println(me.getCurrentPage().get(0).id);  

            final Drive result = graphClient  
                .users(me.getCurrentPage().get(0).id)  
                .drive()  
                .buildRequest()  
                .get();  

            System.out.println("Found Drive " + result.id);  
        } catch (Exception e) {  
            //TODO: handle exception  

        }  
    }  
}

The output is:

[ForkJoinPool.commonPool-worker-1] INFO com.azure.identity.ClientSecretCredential - Azure Identity => getToken() result for scopes [https://graph.microsoft.com/.default]: SUCCESS  
c9445de4-23db-4596-a1d3-7760dce5a3a6  
[ForkJoinPool.commonPool-worker-1] INFO com.azure.identity.ClientSecretCredential - Azure Identity => getToken() result for scopes [https://graph.microsoft.com/.default]: SUCCESS  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409Graph service exception Error code: BadRequest  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409Error message: Tenant does not have a SPO license.  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409GET https://graph.microsoft.com/v1.0/users/c9445de4-23db-4596-a1d3-7760dce5a3a6/drive  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409SdkVersion : graph-java/v5.14.0  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409400 : Bad Request  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409[...]  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: CoreHttpProvider[sendRequestInternal] - 409[Some information was truncated for brevity, enable debug logging for more details]  
Feb 18, 2022 3:56:47 PM com.microsoft.graph.logger.DefaultLogger logError  
SEVERE: Throwable detail: com.microsoft.graph.http.GraphServiceException: Error code: BadRequest  
Error message: Tenant does not have a SPO license.  

GET https://graph.microsoft.com/v1.0/users/c9445de4-23db-4596-a1d3-7760dce5a3a6/drive  
SdkVersion : graph-java/v5.14.0  


400 : Bad Request  
[...]  

[Some information was truncated for brevity, enable debug logging for more details]

Thanks for help

Silvano

SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
9,621 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. RaytheonXie_MSFT 31,071 Reputation points Microsoft Vendor
    2022-02-21T05:52:23.89+00:00

    Hi @Silvano Montanari ,
    Personal Microsoft accounts only when creating the application. This may be the cause of the error :'xxxxxxxxxxx'(AppName) is configured for use by Microsoft Account users only. Please use the /consumers endpoint to serve this request.

    According to the documentation. The /tenant id or /contoso.onmicrosoft.com endpoint only allows users with work/school accounts of a specific Azure AD tenant to log in to the application. It does not support personal accounts.

    Only the /common and /consumers endpoints will allow personal Microsoft accounts to log in to the application. Because you can get the correct response only by using your personal account, so you only need to log in using the /common endpoint.

  2. Silvano Montanari 1 Reputation point
    2022-03-08T13:20:30.19+00:00

    Hello, I solved the problem using this java class:

    public class GraphInterface {

    public final static Logger logger = LogManager.getLogger (GraphInterface.class);

    private static GraphServiceClient <Request> graphClient = null;
    private static TokenCredentialAuthProvider authProvider = null;

    public static void initializeGraphAuth (String applicationId, List <String> scopes, String tenantId) {

        try {
            // Create the auth provider
            final DeviceCodeCredential credential = new DeviceCodeCredentialBuilder ()
                .clientId (applicationId)
                .tenantId (tenantId)
                //.challengeConsumer(challenge -> System.out.println (challenge.getMessage ()))
                .challengeConsumer (challenge -> logger.info (challenge.getMessage ()))
                .build ();

            authProvider = new TokenCredentialAuthProvider (scopes, credential);

            // Build a Graph client
            graphClient = GraphServiceClient.builder ()
                .authenticationProvider (authProvider) .buildClient ();
        } catch (Exception e) {
            logger.error (e.toString ());
            throw and;
        }

    }

    public static String getUserAccessToken () throws Exception
    {
        String accesstoken;

        try {
            URL meUrl = new URL ("https://graph.microsoft.com/v1.0/me");
            accesstoken = authProvider.getAuthorizationTokenAsync (meUrl) .get ();
        } catch (Exception ex) {
            logger.error (ex.toString ());
            throw ex;
        }

        return accesstoken;
    }

}

    and then using the jpype package to link python

    Silvano

    0 comments