Issue:
Using C# library, trying to get user's mailboxsettings but it is always null as a property of User class
I try to get the mailboxsetting like below:
return (await client.Users["userid"].Request().GetAsync()).MailboxSettings;
But it always returns null.
But when I try to use the rest API by sending request /beta/users/{id}/mailboxSettings, it works.
Is it that the mailboxsettings hasn't been exposed in User class?
You should build your request like:
var result = await client.Users["userid"].Request().Select("MailboxSetting").GetAsync().Result;
var mailboxSettings = result.MailboxSettings;
So you will get the MailboxSettings.
Appears to be an issue in the Graph SDK. You should file an issue on their GitHub repository https://github.com/microsoftgraph/msgraph-sdk-dotnet/issues.
The problem seems to be that getting mailbox settings requires another request, but the SDK treats it like a normal property on the User object.
I know this is an old thread but I had this problem as well. After fiddling with permissions I got the code posted by Larissa to work.
Microsoft Graph Application Permissions
Read all user's full profiles
Read and write all users mailbox settings
Windows Azure Active Directory Delegated Permissions
Read all user's basic profiles
Related
Am working on Microsoft Graph Api to get the outlook calendar events of other user in the organization. I wrote the code like,
var user = await _graphServiceClient.Users[userId].Calendar.Events .Request() .Select("subject,body,bodyPreview,organizer,attendees,start,end,location") .GetAsync();
when am trying to get other user events am getting the error like access denied where as the same code is working for getting "me" events.I also added necessary permissions
From that issue I understood that am getting the error because it is not taking the scopes correctly. am expecting the code that takes the scopes that were added in app registration.
With the delegate authentication flows there are two types of permission you would need the first is the oAuth permission to access shared calendar Calendars.Read.Shared or Calendars.ReadWrite.Shared these need to be consented to as well. Then the user that your using needs to have delegate permission to the calendar folder themselves (eg they have to be able to access the target calendar folder in Outlook or Outlook on the web) this isn't enabled by default (eg people get free busy permissions by default) so for the query your trying to make you would need at least Reviewer access to the that folder
I need to create a webservice which will accept a file from a user, parse the file for data, assemble a collection of files stored on Sharepoint, and the return a zip file containing those files to the user.
The user may not have direct access to Sharepoint and in the future there might not even be a human user involved as the file may be pulled automatically from another system on a timer.
I am creating the solution in C# and am struggling to create a client which can successfully authenticate against Sharepoint.
Currently, I am trying to use the CSOM Authentication Manager in the Microsoft documentation, but using the Visual Studio debugger, I observe a failure in this method:
private async Task<string> AcquireTokenAsync(Uri resourceUri, string username, string password)
{
string resource = $"{resourceUri.Scheme}://{resourceUri.DnsSafeHost}";
var clientId = defaultAADAppId;
var body = $"resource={resource}&client_id={clientId}&grant_type=password&username={HttpUtility.UrlEncode(username)}&password={HttpUtility.UrlEncode(password)}";
using (var stringContent = new StringContent(body, Encoding.UTF8, "application/x-www-form-urlencoded"))
{
var result = await httpClient.PostAsync(tokenEndpoint, stringContent).ContinueWith((response) =>
{
return response.Result.Content.ReadAsStringAsync().Result;
}).ConfigureAwait(false);
var tokenResult = JsonSerializer.Deserialize<JsonElement>(result);
var token = tokenResult.GetProperty("access_token").GetString();
return token;
}
}
The value of result is:
"{"error":"unauthorized_client","error_description":"AADSTS700016: Application with identifier '986002f6-c3f6-43ab-913e-78cca185c392' was not found in the directory 'enpal.de'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.\r\nTrace ID: d3b47a0b-54bc-40fd-a731-b99732326200\r\nCorrelation ID: 158621cc-3052-4c7b-9532-e2bab5c3cc09\r\nTimestamp: 2020-11-18 13:46:39Z","error_codes":[700016],"timestamp":"2020-11-18 13:46:39Z","trace_id":"d3b47a0b-54bc-40fd-a731-b99732326200","correlation_id":"158621cc-3052-4c7b-9532-e2bab5c3cc09","error_uri":"https://login.microsoftonline.com/error?code=700016"}"
The resourceUri, username, and password values correctly correspond to the values I would directly use to log into the website. My administrator has assured me the user is an admin of the site and therefore should have all the possible permissions it should need to do anything, including connect.
Does anyone know how to make this work?
Or know a different solution which is more likely to work?
Or know of anything which must be configured on the SharePoint side to allow this solution to work?
It looks like you took the code sample from the Microsoft website and skipped on reading an important section: Configuring an application in Azure AD ;)
At the moment, you are trying to connect to your tenant as an app with an id of '986002f6-c3f6-43ab-913e-78cca185c392', which is a placeholder from the code sample. Register your app in your tenant, and insert the proper app id in your defaultAADAppId constant.
I am trying to retrieve a message from a node (my own status message):
I am using C# Facebook SDK. My GET request is the following:
status = fb.Get("/v2.2/100006927xxxxxx_1568238173xxxxxx?fields=message")
I tested this in Graph Explorer on the development site and it works.
but in my application I get an "Unsuppported Get Request #100" error.
Is there something new because I think that worked before?
Ensure that the access token you are using on Graph API Explorer matches the one you are using in your application.
In Graph API Explorer check three calls
/app to see which app you are using
/me/permissions to see what permission is granted in the application
/me to see which app scoped user ID has been assigned
Depending on the access token and the application, the privacy level of that status might not be able available to you.
e.g. 100006927xxxxxx looks like an app scoped user ID
This will mean that only one particular application will be able to access this resource.
I am using Microsoft Azure Active Directory login for my MVC 5 application. Can somebody give me an idea how I can check if a username already exists in Microsoft Azure Active Directory?
What is the general approach to do this?
You can use the Graph API and query for the user you want. For information about Graph API read: http://msdn.microsoft.com/en-us/library/azure/hh974476.aspx
The common queries page (http://msdn.microsoft.com/en-us/library/azure/jj126255.aspx) has a query for a user given the userPrincipalName. You should use this query and check if it returns a 404 (not found).
Basically the query you are looking for is: "https://graph.windows.net/contoso.com/users/admin#contoso.com?api-version=2013-04-05" where you need to replace contoso.com with your domain and admin#contoso.com with the upn you want to search for.
You should also look at the Azure AD samples on GitHub. In this case, you're probably interested in how to use the Graph API: https://github.com/AzureADSamples/WebApp-GraphAPI-DotNet
This sample MVC web application demonstrates how to query Azure Active Directory using the Graph API. To facilitate application development, it includes showing how to use included Graph Library, and uses OpenID Connect to authorize users to conenct to their directory data.
An alternative solution :
public async Task<User> FindByAlias(string alias, GraphServiceClient graphClient)
{
List<QueryOption> queryOptions = new List<QueryOption>
{
new QueryOption("$filter", $#"mailNickname eq '{alias}'")
};
var userResult = await graphClient.Users.Request(queryOptions).GetAsync();
if (userResult.Count != 1) throw new ApplicationException($"Unable to find a user with the alias {alias}");
return userResult[0];
}
I'm trying to use the Facebook SDK 5.2.1 to ultimately create a test user, however even what I believe is the simple example of getting the list of test accounts isn't working for me. I get the OAuthException "An access token is required to request this resource."
Here's my code (replace APP ID and APP SECRET with my own):
FacebookOAuthClient oauth = new FacebookOAuthClient { AppId = "APP ID", AppSecret = "APP SECRET" };
dynamic tokenRes = oauth.GetApplicationAccessToken();
fbClient = new FacebookClient(tokenRes.access_token);
dynamic response = fbClient.Get("APPID/accounts/test-users");
However, I get the exception on the fbClient.Get line.
Any idea as to what's wrong?
Thanks,
Chad
After hours of trying various things and reading various web pages/blogs, I found the reason it wasn't working. In my app settings, I had my app type set to a Native/Desktop App. Changing this to Web, allows the above scenario to work. I'm not yet quite sure of what other differences exist between web vs native facebook apps. My app is certainly only being used via a desktop application and I can't understand why I need to set this to Web just to allow me to create test users.
This code works in my app:
var app = new FacebookClient(FacebookApplication.Current.AppId,
FacebookApplication.Current.AppSecret);
dynamic result = app.Post(string.Format("{0}/accounts/test-users",
FacebookApplication.Current.AppId),
new { installed = true, permissions = "user_about_me" });
The reason why you are receiving the exception OAuthException is because you have not yet got the permission of the user.
To do a Graph API call on the current user, you need to get the user to accept the permissions that you require FIRST and then do the Graph API call.
You need to get the user to a browser some how in your application, as there is not an authentication flow which doesn't require a browser window.
Check out this URL to view the authentication flows:
http://developers.facebook.com/docs/authentication/