I am trying to access Microsoft Graph Api for my OneDrive Business account. I have created an app in Azure Directory. I am able to authenticate, I am getting an access token but when trying to use that access token and use this api https://graph.microsoft.com/v1.0/me. I am getting this error : "Access token validation failure. Invalid audience." I dont know if I am missing any permission to access Graph APi?
Not able to access Microsoft Graph Api using OAuth Access token
1k views Asked by Vishesh Aalwani At
1
There are 1 answers
Related Questions in OAUTH
- Using html5 localstorage instead of cookies with passport.js
- OAuth integration with QuickBooks using Scribe
- OAuth with Developer tokens
- Oauth in Tyrus WebSocket
- Accessing Picasa Web API using PHP
- how can I access user details through "oauth_token" from twitter api in ionic framework
- Is my JWT refresh plan secure?
- When to refresh token?
- SignalR oAuth on self host
- Bearer token in MVC controller to access Web API
- OAuthorization through app or web api
- Authenticating mobile app login using webservice using oauth connection
- Testing local rails application with OAuth
- Configure the authorization server endpoint
- Azure Active Directory Login: Web App Permissions, User Consent not triggered
Related Questions in AZURE-ACTIVE-DIRECTORY
- MultipleTokensMatched exception when using default TokenCache
- How can I share Azure Active Directory authentication between server side and client script?
- Azure AD Change Password with patch call
- Azure Active Directory Login: Web App Permissions, User Consent not triggered
- ADALJS Error description:AADSTS65001: No permission to access user information is configured for 'clientId' application, or it is expired or revoked
- app is re-initializing the first time ADAL "protected" URL is accessed via $http
- Validate access token for WEB API protected by Azure AD
- Azure AD Graph API: Is it possible to enumerate all groups associated with an application role?
- Is is possible to use Azure AD as a SAML compliant Identity Provider?
- Microsoft Graph API Accessing basic info of a user that is outside tenancy
- RoundCube OAuth with Azure Active Directory
- Deploy Azure AD WebAPI to IIS, with Windows Authentication enabled, skips Azure AD Authentication
- How to change Is Multiple Resource Refresh Token to true in Azure AD authentication?
- Azure, login to separate accounts with one email
- How to setup nginx to authenticate users through Azure AD?
Related Questions in MICROSOFT-GRAPH-API
- MicrosoftGraph user impersonation for accessing mail messages
- IdentityServer3 Microsoft Graph scopes and flow
- How should I determine if an MSAL account has an Exchange based email system? (got an exception)
- Get shared calendar from different user(meeting room)
- odata.maxpagesize header not working in Microsoft Graph API?
- Opening OneDrive file in desktop Word
- Microsoft Graph API content 401 Unauthorized
- Getting multiple users/groups by objectids
- Microsoft Graph SDK C#: Use FileSavePicker with Onedrive
- How to use ConfidentialClientApplication to perform AppOnly requests to Graph (Group.ReadWrite.All)
- OneNote update page
- Microsoft Graph GetPhoto not working in Microsoft Teams bot
- Paging in MS Graph API
- Microsoft Graph API multi-tenant token lifetime
- Access user.MemberOf with Microsoft Graph Client Library
Related Questions in ACCESS-TOKEN
- chrome.identity.getAuthToken and refresh token?
- How can restrict the use of Issued access token of one machine in another machine
- Trying to connect rails app to trello APi
- how to check access token validity in django oauth toolkit?
- Substitute access token in Hybridauth
- Java SDK Authentication with VersionOne Access Tokens
- Get user access token with permission via php with FB sdk 3.2
- Only allow my clients to access my webservice
- Outlook API: getting access-token from front-end, how can i use it in web API backend to get Outlook messages
- Can Outh2.0 access_tokens be compromised?
- Api Token is missing in laravel 4.2 api
- Implementing SSO using OpenID Connect and usage of tokens
- Can you reuse a Google service account access token?
- Azure AD ADAL in MVC Application - Token Expiration
- No route matches [POST] "/knock/user_token"
Related Questions in ONEDRIVE
- OneDrive SDK & background task WP8.1
- unable create ondrive with csom
- OneDrive direct download URLs for files and file versions
- onedrive oauth2 redirect_uri for android app
- Access OneDrive images from web application
- Jersey encoded query param but rest service doesn't want it encoded
- Can I create a file to subdirectory on OneDrive for Business with REST API?
- How can i get file permissions using office365 rest api?
- Get a file from OneDrive and use data of xml file into C# application
- Is it possible to upload Lumia Living Images to OneDrive, instead of just the static image?
- android host txt file and read it
- Office 365 SDK for Android; How to list files under a folder?
- Is it possible to get a permenant public link from onedrive API ? If yes then How?
- android read textfile from web
- How to Download a Shared File on OneDrive for Business with the REST API?
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
According to Resolve Microsoft Graph authorization errors - Microsoft Graph | Microsoft Docs
As your error message says, your token audience is invalid ,you must have set wrong scope when requesting the token.Please check the aud claim as commented in https://jwt.ms . Try to set the scope to
https://graph.microsoft.com/.defaultin authentication request and givedelegatedandapplication permissionsunder Microsoft apis> Microsoft graph andgrant admin consentto the api. etc . The api call only supports delegated permissions, so you can't use the client credential flow to get the token. For the /me endpoint, the user needs to log in, so you need Use auth code flow to obtain an access token. Calling /me end point requires delegated permissions.And calling one drive api from that also requires another additional permissions for different activity.
You can make use of Graph Explorerto see the permissions required and according grant admin consent for the same through explorer itself or through portal.
If still error remains , please change the accesstokenacceptedversion to 2 if it is null or 1 or vice versa. And try again.