Hello, I have a registered AD app, and has admin consent on the following permissions
Mail.Read
Mail.ReadWrite
Mail.ReadBasic
User.Read
I also get a code in my local app, which I use to obtain an access_token. In that response, here are the scope values returned by login.microsoftonline.com
"scope": "profile openid email https://graph.microsoft.com/Mail.Read https://graph.microsoft.com/Mail.ReadBasic https://graph.microsoft.com/Mail.ReadWrite https://graph.microsoft.com/User.Read",
Now when I try to access https://graph.microsoft.com/v1.0/me using access_token obtained in the previous step, it works fine and gives my user profile back in postman.
But when I try to access https://graph.microsoft.com/v1.0/me/messages, it fails with the following error
{
"error": {
"code": "AuthenticationError",
"message": "Error authenticating with resource",
"innerError": {
"date": "2021-04-30T16:56:08",
"request-id": "b1949288-8ee8-42cd-ae61-5c63597eb973",
"client-request-id": "b1949288-8ee8-42cd-ae61-5c63597eb973"
}
}
}
The scope for access_token does have Mail.Read for graph. What am I doing wrong? scp value from jwt.ms is as follows:
"scp": "Mail.Read Mail.ReadBasic Mail.ReadWrite User.Read profile openid email"
Please help asap. Thanks!