This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 41%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENB%3C/text%3E%3C/svg%3E)
Hi
We are using graph api to create appointment\event in exchange using below code which working fine with "microsoftonline.com" and "graph.microsoft.com" as below. our one client having domin "microsoftonline.us" and "graph.microsoft.us"
Helper.Setting setting = Helper.ExchangeSetting.GetSetting(exchangeConfigName);
IConfidentialClientApplication app = ConfidentialClientApplicationBuilder.Create(setting.ClientIdGrpah)
.WithAuthority($"https://login.microsoftonline.com/{setting.TenantIdGraph}")
.WithRedirectUri(setting.PublicNotificationUrl)//("http://localhost")
.WithClientSecret(Helper.Cryptography.DecryptText(setting.ClientSecretGraph))
.Build();
string[] scopes = new string[] { "https://graph.microsoft.com/.default" };
AuthenticationResult authResult = await app.AcquireTokenForClient(scopes).ExecuteAsync().ConfigureAwait(false);
return authResult.AccessToken;
To over come this cross domain issue we have change code to WithAuthority($"https://login.microsoftonline.us/{setting.TenantIdGraph}")
string[] scopes = new string[] { "https://graph.microsoft.us/.default" };
After code change we are getting token but when we try to create appointment\event we are getting below issue
Message: Access token validation failure. Invalid audience.
Inner error:
AdditionalData:
date: 2022-03-07T15:23:25
request-id: 53918c5f-6ba7-4869-984b-99e805d67aa1
Same permission has given on graph api (graph.microsoft.us)in azure which works for (graph.microsoft.com).
Need your experts help
Use https://jwt.ms/ to parse your access token and share screenshots.
This error is due to scope.
You're getting a token for the US Government L4 graph endpoint(.us), but your SDK is still calling the graph global service endpoint(.com) when calling the api, so that's causing a 401 error.
please find token
what i need to do as permission already set for Calendar read\write?
what should need to do over come ? call from token shows for "graph.microsoft.us"
I haven't used the US Government L4 graph endpoint(.us), but from my experience this should be a problem with the SDK, can you test it with postman?
Use your token to call graph.microsoft.us api test in postman, remember to share your test screenshot with me.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi @neeraj badalu , if you're using the US Government L4 endpoint, please review this document and make sure everything is configured properly. As Carl mentioned, you need to make sure the SDK is referencing it and not another endpoint.
Best,
James