question

LIPOAdministratorMartinJanecki-3699 avatar image
0 Votes"
LIPOAdministratorMartinJanecki-3699 asked LIPOAdministratorMartinJanecki-3699 answered

Msgraph Calls only via IIS timing out


I wrote an API to call MSGraph to retrieve user informations over https://graph.microsoft.com/v1.0/users?$count=true&$search= and deliver it to my .Net5.0 webapp.

so far everything was working good till I tried to publish the API and run it on my IIS.

From my IIS it only runs into a timeout: "detail": "A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. (graph.microsoft.com:443)",

I tried to call MSGraph from the same server which works without any problems over postman and in my development environment.

Authentication for my API is done via the azure portal app-registration with client id and client secret.

like this:

 [HttpGet]
 [Route("TokenRequest")]
 public string MSGraphTokenRequest()
 {
     var client = new RestClient("https://login.microsoftonline.com/350a94cb-4159-4140-b29d-1d98051105d5/oauth2/v2.0/token");
     var request = new RestRequest(Method.POST);
     request.AddHeader("cache-control", "no-cache");
     request.AddHeader("content-type", "application/x-www-form-urlencoded");
     request.AddParameter("application/x-www-form-urlencoded", "grant_type="+grant_type+"&client_id="+client_id+"&client_secret="+client_secret+"&scope="+scope, ParameterType.RequestBody);
     IRestResponse response = client.Execute(request);
     return JsonConvert.DeserializeObject<Token>(response.Content).access_token; 
 }

and requesting the information:

     [HttpGet]
 [Route("GetUserTest")]
 public IActionResult GetUserTest(string userPrincipalName)
 {
     var client = new RestClient("https://graph.microsoft.com/v1.0/users?$count=true&$search=\"userPrincipalName:" + userPrincipalName + "\"");
     client.Timeout = -1;
     var request = new RestRequest(Method.GET);
     request.AddHeader("authorization", "Bearer " + MSGraphTokenRequest());
     request.AddHeader("ConsistencyLevel", "eventual");
     IRestResponse response = client.ExecuteAsync(request).Result;
     if (((int)response.StatusCode) != 200)
     {
         return Problem(response.ErrorMessage);
     }
     else
     {
         return Json(response.Content);
     }
 }

Maybe somebody could guide me in the right direction I have no further ideas how to solve this. Thanks in advance.

microsoft-graph-notifications
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

LIPOAdministratorMartinJanecki-3699 avatar image
0 Votes"
LIPOAdministratorMartinJanecki-3699 answered

So my guess is that the IIS-Server is sending it requests with higher port numbers. So these requests were intercepted by our company firewall which of course I asked my dev-ops beforehand, if with this could be a firewall related problem... So the solution to the problem was to add a firewall rule for graph.microsoft.com.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.