Getting error if i create onlinemeeting

Question

Dear,
I am follow this link "https://learn.microsoft.com/en-us/graph/api/application-post-onlinemeetings?view=graph-rest-beta&tabs=http"

Authentication generate successfully.

Getting error if i am try to create onlinemeeting

Error message: 500
"code": "InternalServerError",
"message": "Status: NotFound (404)\r\nOperationId: d0c30e99-fff8-47e6-b0cf-a70960131c66\r\nClientCorrelationId: a53300b5-f31e-4bc1-9a76-4bfcdcb29a5e\r\nServer error: User lookup by user id failed in AAD.\r\nClient exception: Processing of the HTTP request resulted in an exception. Please see the HTTP response returned by the 'Response' property of this exception for details.\r\n",
"innerError": {
"date": "2020-09-02T12:32:42",
"request-id": "41262228-485b-4d12-a8ad-c7e67aa34b0f"

Please check and help me try to resolved this issue.

Answer 1

@Rupesh Chhabra , I just got this api working for me.

For your reference Sharing my access token decoded access-token:

{ "typ": "JWT", "nonce": "TLga4QS4N5Q8xLNPXy_C01VcpluHeZ4cVPPuSjDDrkI", "alg": "RS256", "x5t": "jibNbkFSxxxxxPYrN9CFqRk4K4gw", "kid": "jibNbkxxxxxxPYrN9CFqRk4K4gw" }.{ "aud": "https://graph.microsoft.com", "iss": "https://sts.windows.net/xxxxxxx-f2a1-4ce2-a65a-1c70897dd1de/", "iat": 1599476938, "nbf": 1599476938, "exp": 1599480838, "acct": 0, "acr": "1", "aio": "ASQA2/8QAAAAXXXXXXLubq5QpAr8luKi/oU/mU5xyxXngrUV6mjwoY=", "amr": [ "pwd" ], "app_displayname": "AppTestSoumi", "appid": "XXXX0690-6141-4205-XXXX-77a59dd26917", "appidacr": "1", "idtyp": "user", "ipaddr": "103.102.123.0", "name": "dummyuser 1", "oid": "44aXXXXX-fb5b-4e59-a373-055ae44XXX96", "platf": "3", "puid": "10032000D2A6EAE7", "rh": "0.ASkADndJIqHy4kymWhxwiX3R3pAG_d1BYQVCq8t3pZ3SaRcpANo.", "scp": "OnlineMeetings.ReadWrite profile openid email", "sub": "OBjxhFYqu4sHIurft77XYlmw2w58-oOjt0ss7T_s0aU", "tenant_region_scope": "NA", "tid": "2249770e-f2a1-4ce2-a65a-1c70897dd1de", "unique_name": "dummyuser1@xxxx.onmicrosoft.com", "upn": "dummyuser1@xxxx.onmicrosoft.com", "uti": "wbzM03CvYEux8vCK9VI7AA", "ver": "1.0", "wids": [ "62e90394-69f5-4237-9190-012177145e10" ], "xms_st": { "sub": "m7PPspe4pgAQ4V8s0ml8oMVv-rSbte9NddoD0VuFqek" }, "xms_tcdt": 1523308566 }.[Signature]  

The API Permission on the app registration looks something like:

And the Supported account types under the authentication blade for that application looks something like:

Do try once again today and let me know if that works or fails.

Hope this helps.

Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.

Answer 2

@Rupesh Chhabra , Thank you for reaching out. I did try to pull the backend logs based on the correlationID, requestID and timestamp, but it didn't get me any logs. But looking at the error which says "Server error: User lookup by user id failed in AAD.", it looks like the user is not available in AAD, for which you are making this query. Also, this Graph API would only work, if you use the same username against which you have requested the token for.

For eg: If you have authenticated yourself with AAD, before making this API call, then AAD, would be issuing you an Access Token, and Graph API call would work, using this token only when you make the graph API call for yourself.

In other words, use the GraphAPI "https://graph.microsoft.com/beta/me/onlineMeetings" as it is and check if this works for you. If it fails, do share the following details:

• The Decoded Access Token contents or the access token JWT itself
• The actual Graph API call that is being sent.

Hope this helps.

Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.

Answer 3

@Rupesh Chhabra , Thank you for sharing the details. I reviewed the code and the access-token shared by you. Looking at the access token, I see the permissions are listed under the key named roles, which means that the OAuth flow used to fetch this token was Client_Credentials flow.
If you decode the access-token using JWT.ms, you would find the following roles:

  "roles": [  
    "Calls.JoinGroupCall.All",  
    "OnlineMeetings.Read.All",  
    "OnlineMeetings.ReadWrite.All",  
    "User.ReadWrite.All",  
    "Calls.InitiateGroupCall.All",  
    "Directory.ReadWrite.All",  
    "Calls.JoinGroupCallAsGuest.All",  
    "CallRecords.Read.All",  
    "User.Invite.All",  
    "Directory.Read.All",  
    "User.Read.All",  
    "Calls.AccessMedia.All",  
    "Calls.Initiate.All"  
  ],  

Now for client_credentials flow to work, the application registration needs Application Permissions to work, but the following Microsoft Graph API https://graph.microsoft.com/v1.0/me/onlineMeetings, would work only if you specify Delegated Permissions. You can find more details here.

Hence to get this working, you would need to provide "delegated permissions" and use the "auth-code grant flow" in OAuth2.0 to get this API working.

Hope this helps.

Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as Answer; if the above response helped in answering your query.

Answer 4

Not working, we are using same code and below mention access token

var onlineMeeting = new
{
meetingType = "scheduled",
StartDateTime = startDateTime,
EndDateTime = startDateTime.AddMinutes(30),
Subject = "User Token Meeting",
Participants = new
{
Organizer = new
{
Identity = new
{
User = new
{
id = organizerId
}
}
}
}
};

var accessToken = await _graphSdkHelper.GetDaemonAppAccessToken();
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
using (var request = new HttpRequestMessage(HttpMethod.Post, "https://graph.microsoft.com/beta/me/onlineMeetings"))
{
var json = JsonConvert.SerializeObject(onlineMeeting);
using (var stringContent = new StringContent(json, Encoding.UTF8, "application/json"))
{
request.Content = stringContent;

using (var response = await client
.SendAsync(request, HttpCompletionOption.ResponseHeadersRead)
.ConfigureAwait(false))
{
//response.EnsureSuccessStatusCode();
string result = await response.Content.ReadAsStringAsync();
dynamic jToken = JToken.Parse(result);
return jToken.joinUrl;
}
}
}
}

accessToken: eyJ0eXAiOiJKV1QiLCJub25jZSI6IlU0b1A4Mi0tMm1OYk93dk8tQ0tnY3Q3TUlRUEZfTnlOODFIZFlNQlhGRFkiLCJhbGciOiJSUzI1NiIsIng1dCI6ImppYk5ia0ZTU2JteFBZck45Q0ZxUms0SzRndyIsImtpZCI6ImppYk5ia0ZTU2JteFBZck45Q0ZxUms0SzRndyJ9.eyJhdWQiOiJodHRwczovL2dyYXBoLm1pY3Jvc29mdC5jb20iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC85NzM0NGE4Ny0zMTg4LTRkNWYtODI2OS05YTgwMzdkNmU2ZGUvIiwiaWF0IjoxNTk5MTA5MDA4LCJuYmYiOjE1OTkxMDkwMDgsImV4cCI6MTU5OTExMjkwOCwiYWlvIjoiRTJCZ1lCRFdVTC9UMEdzajhLTG5Uc2JMRSt1L0F3QT0iLCJhcHBfZGlzcGxheW5hbWUiOiJUZXN0IHRlYW1tZWV0IiwiYXBwaWQiOiJjZjRkZTRkNy00YWNmLTRhZDgtYmQ4YS0wZTk1NTJiYzYxMDciLCJhcHBpZGFjciI6IjEiLCJpZHAiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC85NzM0NGE4Ny0zMTg4LTRkNWYtODI2OS05YTgwMzdkNmU2ZGUvIiwiaWR0eXAiOiJhcHAiLCJvaWQiOiI3MjU1MzkyYy1iMDllLTRmMzgtYmEyYS1kYTE2MjljNzlhNmYiLCJyaCI6IjAuQUFBQWgwbzBsNGd4WDAyQ2FacUFOOWJtM3Rma1RjX1BTdGhLdllvT2xWSzhZUWRVQUFBLiIsInJvbGVzIjpbIkNhbGxzLkpvaW5Hcm91cENhbGwuQWxsIiwiT25saW5lTWVldGluZ3MuUmVhZC5BbGwiLCJPbmxpbmVNZWV0aW5ncy5SZWFkV3JpdGUuQWxsIiwiVXNlci5SZWFkV3JpdGUuQWxsIiwiQ2FsbHMuSW5pdGlhdGVHcm91cENhbGwuQWxsIiwiRGlyZWN0b3J5LlJlYWRXcml0ZS5BbGwiLCJDYWxscy5Kb2luR3JvdXBDYWxsQXNHdWVzdC5BbGwiLCJDYWxsUmVjb3Jkcy5SZWFkLkFsbCIsIlVzZXIuSW52aXRlLkFsbCIsIkRpcmVjdG9yeS5SZWFkLkFsbCIsIlVzZXIuUmVhZC5BbGwiLCJDYWxscy5BY2Nlc3NNZWRpYS5BbGwiLCJDYWxscy5Jbml0aWF0ZS5BbGwiXSwic3ViIjoiNzI1NTM5MmMtYjA5ZS00ZjM4LWJhMmEtZGExNjI5Yzc5YTZmIiwidGVuYW50X3JlZ2lvbl9zY29wZSI6IkFTIiwidGlkIjoiOTczNDRhODctMzE4OC00ZDVmLTgyNjktOWE4MDM3ZDZlNmRlIiwidXRpIjoiUDhCSmcxaV9YazZhN2JYTGNmcElBQSIsInZlciI6IjEuMCIsInhtc190Y2R0IjoxNDQxNDYxMTEyfQ.k2aCVjTV2WZinpSPBE8nUFFapilYL0Z_I6ujDIuWhrdkNzAT2yQlrZ09gimsF-

Answer 5

After removed application permission then getting forbidden error and status code 403

{
"error": {
"code": "Forbidden",
"message": "",
"innerError": {
"request-id": "6fae9e7e-92ad-4551-b163-62bb5de66c48",
"date": "2020-09-03T09:24:21"
}
}
}

access Token:
eyJ0eXAiOiJKV1QiLCJub25jZSI6Ik1GSS1zeEtqZ1k5d2lPUmNrRlVjc3YzeWk2YVprZW1jV3NCUl82MU9iNWsiLCJhbGciOiJSUzI1NiIsIng1dCI6ImppYk5ia0ZTU2JteFBZck45Q0ZxUms0SzRndyIsImtpZCI6ImppYk5ia0ZTU2JteFBZck45Q0ZxUms0SzRndyJ9.eyJhdWQiOiJodHRwczovL2dyYXBoLm1pY3Jvc29mdC5jb20iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC85NzM0NGE4Ny0zMTg4LTRkNWYtODI2OS05YTgwMzdkNmU2ZGUvIiwiaWF0IjoxNTk5MTI0NzUwLCJuYmYiOjE1OTkxMjQ3NTAsImV4cCI6MTU5OTEyODY1MCwiYWlvIjoiRTJCZ1lMZ2R6SFBxL09hSEg4N3RsU3JKcXpMZkFRQT0iLCJhcHBfZGlzcGxheW5hbWUiOiJUZXN0IHRlYW1tZWV0IiwiYXBwaWQiOiJjZjRkZTRkNy00YWNmLTRhZDgtYmQ4YS0wZTk1NTJiYzYxMDciLCJhcHBpZGFjciI6IjEiLCJpZHAiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC85NzM0NGE4Ny0zMTg4LTRkNWYtODI2OS05YTgwMzdkNmU2ZGUvIiwiaWR0eXAiOiJhcHAiLCJvaWQiOiI3MjU1MzkyYy1iMDllLTRmMzgtYmEyYS1kYTE2MjljNzlhNmYiLCJyaCI6IjAuQUFBQWgwbzBsNGd4WDAyQ2FacUFOOWJtM3Rma1RjX1BTdGhLdllvT2xWSzhZUWRVQUFBLiIsInN1YiI6IjcyNTUzOTJjLWIwOWUtNGYzOC1iYTJhLWRhMTYyOWM3OWE2ZiIsInRlbmFudF9yZWdpb25fc2NvcGUiOiJBUyIsInRpZCI6Ijk3MzQ0YTg3LTMxODgtNGQ1Zi04MjY5LTlhODAzN2Q2ZTZkZSIsInV0aSI6Il9BZFhUUXZuYjBLd3lKeGNxVXBiQUEiLCJ2ZXIiOiIxLjAiLCJ4bXNfdGNkdCI6MTQ0MTQ2MTExMn0.LFyABll1WrsM615stbMZG7bAYJm0vWaSnPa1IQ3dHCcIc8qroPoK4_VRhcd1TiWJa8_fIB4Jq4Wct4eVDJZ78amAuVRZWIc0BNYzcaHNNxWgyRcCunLNIzIuI2LMi2I4qQNKmd-fvEOy7GvhZgukdmpctM__yO4vpf1DSJPWKb9_r8FcH1ajGefxR6MiCyGDcIE0JdNHwVczYtF5f-5t1CJW0WTMM9bRKg6k0eiOh6mUYppMRdmdZ7sOfchmlJBDAQa6sGncwGSv7mJdPOsDF0WlPzWJDO37-pcqEJwt45tSBrtDfLaMe45jrIhHmGQUQ-SNfBS1XlikgfPyz-TSXw