Code: NoPermissionsInAccessToken Message: The token contains no permissions, or permissions can not be understood.

Stefano 56 Reputation points
2022-03-03T09:43:12.503+00:00

Hi,

i'm trying to use this guide to get a token with a web app managed identity to send Mail as a user with Microsoft Graph
https://learn.microsoft.com/en-us/azure/app-service/scenario-secure-app-access-microsoft-graph-as-app?tabs=azure-powershell#prerequisites

var credential = new DefaultAzureCredential();  
  
            var token = credential.GetToken(  
                new Azure.Core.TokenRequestContext(  
                    new[] { "https://graph.microsoft.com/.default" }));  
  
            var accessToken = token.Token;  
            var graphServiceClient = new GraphServiceClient(  
                new DelegateAuthenticationProvider((requestMessage) =>  
                {  
                    requestMessage  
                    .Headers  
                    .Authorization = new AuthenticationHeaderValue("bearer", accessToken);  
  
                    return Task.CompletedTask;  
  

I run the powershell and i can see the permission in the enterprise application as shown in the link, but when i decode the token i can't see any role in it.
179583-image.png

What could I done wrong? Is there something else i could check?

Thanks

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,836 questions
{count} votes

1 additional answer

Sort by: Most helpful
  1. Vicky Kumar (Mindtree Consulting PVT LTD) 1,156 Reputation points Microsoft Employee
    2022-03-09T05:33:55.41+00:00

    Hi ,

    As far as what I understood you want to config to authenticate graph API through your app , if i am correct , you can follow the docs , Hope it will help you to fix your issue .

    Thanks.