question

WardH-0381 avatar image
0 Votes"
WardH-0381 asked WardH-0381 edited

Microsoft Graph C# enumate a specific mailbox messages?

Hi,

I am trying to write a .NET Core App using Microsoft Graph to enumare users from and read a specific mailbox from Office 365.

The exception in my code I get is:

Microsoft.Graph.ServiceException
HResult=0x80131500
Message=Code: generalException
Message: An error occurred sending the request.

Source=Microsoft.Graph.Core
StackTrace:
at Microsoft.Graph.HttpProvider.<SendRequestAsync>d_19.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.Graph.HttpProvider.<SendAsync>d
18.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.Graph.BaseRequest.<SendRequestAsync>d
40.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.Graph.BaseRequest.<SendAsync>d
34`1.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.Graph.GraphServiceUsersCollectionRequest.<GetAsync>d
3.MoveNext()
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Graph_Email_Test1_Issue.Program.<Main>d
_0.MoveNext() in E:\Data\Ward\Documents\Visual_Studio_Projects\Graph_Email_Test1_Issue\Graph_Email_Test1_Issue\Program.cs:line 59

This exception was originally thrown at this call stack:
[External Code]

Inner Exception 1:
AuthenticationFailedException: ClientSecretCredential authentication failed: AADSTS1002012: The provided value for scope https://graph.microsoft.com/Directory.Read.All https://graph.microsoft.com/Domain.Read.All https://graph.microsoft.com/Mail.Read https://graph.microsoft.com/User.Read.All is not valid. Client credential flows must have a scope value with /.default suffixed to the resource identifier (application ID URI).
Trace ID: c18e06ac-ba5a-40d6-a85a-c62c4556fa02
Correlation ID: 56fd4ab0-3549-4719-8e3d-c0e67af93344
Timestamp: 2021-08-12 13:46:38Z

Inner Exception 2:
MsalServiceException: AADSTS1002012: The provided value for scope https://graph.microsoft.com/Directory.Read.All https://graph.microsoft.com/Domain.Read.All https://graph.microsoft.com/Mail.Read https://graph.microsoft.com/User.Read.All is not valid. Client credential flows must have a scope value with /.default suffixed to the resource identifier (application ID URI).
Trace ID: c18e06ac-ba5a-40d6-a85a-c62c4556fa02
Correlation ID: 56fd4ab0-3549-4719-8e3d-c0e67af93344
Timestamp: 2021-08-12 13:46:38Z

My questions are:

  1. How can I fix the code to get rid of the exception?

  2. How can I change the code so I can enumate a specific mailbox?

Here is the code that follows (AAA, BBB, CCC) are not the real values of course:

 using Azure.Identity;
 using Microsoft.Graph;
 using System;
 using System.Linq;
 using System.Threading.Tasks;
    
 // Install-Package Microsoft.Graph
 // Install-Package Microsoft.Graph.Auth -IncludePrerelease
    
 // App Permissions in Azure AD Console (Have also granted admin consent):
    
 // https://graph.microsoft.com/Directory.Read.All
 // https://graph.microsoft.com/Domain.Read.All
 // https://graph.microsoft.com/Mail.Read
 // https://graph.microsoft.com/User.Read.All
    
    
 namespace Graph_Email_Test1_Issue
 {
     class Program
     {
         static async Task Main(string[] args)
         {
             //var scopes = new[] { "User.Read.All" };
    
             var scopes = new string[] { "https://graph.microsoft.com/Directory.Read.All",
                                         "https://graph.microsoft.com/Domain.Read.All",
                                         "https://graph.microsoft.com/Mail.Read",
                                         "https://graph.microsoft.com/User.Read.All"};
    
    
             // Multi-tenant apps can use "common",
             // single-tenant apps must use the tenant ID from the Azure portal
             var tenantId = "AAA";
    
             // Values from app registration
             var clientId = "BBB";
             var clientSecret = "CCC";
    
             var options = new TokenCredentialOptions
             {
                 AuthorityHost = AzureAuthorityHosts.AzurePublicCloud
             };
    
             // https://docs.microsoft.com/dotnet/api/azure.identity.clientsecretcredential
             var clientSecretCredential = new ClientSecretCredential(
                 tenantId, clientId, clientSecret, options);
    
             var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
    
             //var user = await graphClient.Me
             //    .Request()
             //    .GetAsync();
    
    
             // var user = await graphClient.Me.Request().GetAsync();
    
    
             var users = await graphClient.Users.Request().GetAsync();   // Generates exception below.
    
             var user = users.First(); //get the first user
    
    
             //var messages = await graphClient.Me.Messages
             //    .Request()
             //    .GetAsync();
         }
     }
 }
microsoft-graph-mail
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

GlenScales-6756 avatar image
0 Votes"
GlenScales-6756 answered WardH-0381 edited

for the Scope you can just use

 var scopes = new string[] {"https://graph.microsoft.com/.default"};

In your Application registration its important that you assigned Application permissions not Delegate Permissions https://docs.microsoft.com/en-us/graph/permissions-reference and they need to be consented to (by and Admin) in the tenant

To get Messages from a particular users mailbox you just need


 var messages = await graphClient.Users["user@tenant.onmicrosoft.com"].Messages

The /me endpoint won't work when using a Service Principal (Client_Credentials Flow)

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi GlenScales-6756,

Excellent help thanks :)

Ward

0 Votes 0 ·