question

DarinBaker-8857 avatar image
0 Votes"
DarinBaker-8857 asked DarinBaker-8857 edited

How to use graphapi for 'security and compliance'

Hello,
We are getting 'unauthorized' when trying to use graphapi for 'security and compliance'. We have setup our app with what I believe to be the right permissions, still the issue persists. I have added the permissions on our app (https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationMenuBlade/Overview/appId/XXXXXXX/isMSAApp/), gotten it approved, etc. I am able to obtain a token, but yet when I try and use the token I am getting a 401, please see the attached101774-401.png




microsoft-graph-security
401.png (275.1 KiB)
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

  • Validate the token using the https://jwt.ms to see if it contains the necessary scopes/permissions to perform the API call.

  • Test the scenario in Microsoft Graph explorer and provide necessary permissions/consent in it to see still if you can repro the issue. If issue persists, then share the requestid, timestamp.

0 Votes 0 ·

Hello,
according to jwt.ms the scope/permissions look correct to me ("scp": "eDiscovery.ReadWrite.All User.Read"). I've tested issuing a get to 'https://graph.microsoft.com/beta/compliance/ediscovery/cases' with the generated token and receive the following failure:

{
"error": {
"code": "Unauthorized",
"message": "Processing of the HTTP request resulted in an exception. Please see the HTTP response returned by the 'Response' property of this exception for details.",
"innerError": {
"date": "2021-06-07T15:25:48",
"request-id": "3ee33a7d-dc13-4f03-9bfb-da6b97753d3d",
"client-request-id": "3ee33a7d-dc13-4f03-9bfb-da6b97753d3d"
}
}
}

0 Votes 0 ·

0 Answers