question

DavidWales-0851 avatar image
0 Votes"
DavidWales-0851 asked DavidWales-0851 commented

403 Forbidden /beta/reports/

Using a token generated from a fresh partner center refresh token.
My user is GA of partner tenants.
Process is still working fine for /beta/policy/ hits.
It did work for /beta/reports at one stage a couple of weeks ago however I have been pulling my hair out since getting nothing but 403's.

Returned scopes with tenant token:
email
https://graph.microsoft.com/.default https://graph.microsoft.com/policy.read.all
https://graph.microsoft.com/policy.read.conditionalaccess
https://graph.microsoft.com/reports.read.all
openid
profile

New to graph API, if you could point me to more information (perhaps where to find information from the azure side) that would be appreciated.

azure-active-directorymicrosoft-graph-identitymicrosoft-graph-reports
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Adding right tags/teams to assist.

0 Votes 0 ·

Outside of the your application, can you repro the issue with Microsoft Graph Explorer as well?

0 Votes 0 ·

Correct me if I am wrong, the issue with graph explorer is I am explicitly GA of partner tenants and do not have the correct rights to test against the parent so I can only test against my developer tenant which does not have any issues with any permissions, however it doesn't use the partner center either so the process is slightly different (not having to use the refresh token to get tenant specific tokens for instance).

Can I view what is causing the 403 in azure somewhere?

0 Votes 0 ·

0 Answers