Describe the bug
Since recently I get an "unauthorized" error if I want to get a list of the channels of a team if the team contains private channels and the request is send by an application permission.
The exception looks like this:
Status Code: Unauthorized
Microsoft.Graph.ServiceException: Code: Unauthorized
Message: Failed to execute Aad backend request GetUsersByObjectIdsRequest. Workload Unknown. Request Url: https://graph.windows.net/myorganization/getObjectsByObjectIds?api-version=1.61-internal, Request Method: POST, Response Status Code: Unauthorized, Response Headers: ocp-aad-diagnostics-server-name: SsbbnbCJgvX+9DPQbDdJPGvYw8KicA1f81OBdtJroMQ=
request-id: ef844f26-a548-4fd2-ac2c-0be8071e09d0
client-request-id: 3c2afc1f-d695-47c1-8026-c17fbd94d3a5
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Tue, 20 Oct 2020 10:12:28 GMT
, Reason Phrase: Unauthorized
Inner error:
AdditionalData:
date: 2020-10-20T10:12:28
request-id: 77022e5d-295b-42d6-800a-1fad85391cf5
client-request-id: 77022e5d-295b-42d6-800a-1fad85391cf5
ClientRequestId: 77022e5d-295b-42d6-800a-1fad85391cf5
at Microsoft.Graph.HttpProvider.SendAsync(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationToken cancellationToken)
at Microsoft.Graph.BaseRequest.SendRequestAsync(Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption)
at Microsoft.Graph.BaseRequest.SendAsync[T](Object serializableObject, CancellationToken cancellationToken, HttpCompletionOption completionOption)
at Microsoft.Graph.TeamChannelsCollectionRequest.GetAsync(CancellationToken cancellationToken)
at mgbahn.core.Business.Graph.GraphSubServiceBase.ListAsync[TEntity,TEntityCollectionPage](Task`1 collectionPageGetter, Int32 maximumRetries) in D:\MGBProjects\src\Core_Common\mgbahn.core.Business\Graph\GraphSubServiceBase.cs:line 50
To Reproduce
Steps to reproduce the behavior:
- Create a Team
- Add at least one private channel
- Register an app in azure portal and set the application permission (see https://docs.microsoft.com/en-us/graph/api/channel-list?view=graph-rest-1.0&tabs=csharp) (I gave Channel.ReadBasic.All and Group.ReadWrite.All)
- Create an .net core application
- Create graphServiceClient with the access token for the application (https://docs.microsoft.com/en-us/graph/auth-v2-service?context=graph%2Fapi%2F1.0) ))
- Call the graphServiceClient.Teams[teamId].Channels.Request().GetAsync()
- See error
Expected behavior
The API should again give all the channels and not an unauthorized error.
Other references
I found the following stackoverflow question of a user who experienced the same issue for a few days: https://stackoverflow.com/questions/64392429/teams-listchannel-graph-api-resulting-in-unauthorized-error-failed-to-execut AB#7228
I moved this issue from https://github.com/microsoftgraph/msgraph-sdk-serviceissues/issues/101 because they are closing that repository.