alternativeSecurityIds is a list of complex type. Which field are you referring to? The fields are documented on the link at the start of this comment.
This can be related to replication within AAD as AAD has an internal distributed architecture. When you create new resources, it takes some short window for the resources to be replicated to all AAD nodes even though you get the resource created and returned in the request. This means the subsequent requests that depend on the new resource like the secret can potentially hit a node that does not have the update yet. You may have to implement some kind of retry to handle this. I will share resources that I can find if this is the case for you.
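One way to implement the retry mentioned above, as an added example that is not part of the original reply and is not Microsoft's code. `FakeDirectory` is a constructed stand-in for a replicated directory (no real AAD or Graph call is made), and the `NotReplicatedYet` / `PermanentError` split is an assumption about how a caller would classify responses.

```python
import random
import time

class NotReplicatedYet(Exception):
    """Transient: the node that answered has not received the new object yet."""

class PermanentError(Exception):
    """Anything else (unknown object, bad permissions): retrying will not help."""

class FakeDirectory:
    """Constructed model: node i sees a new object only after 2*i further requests."""
    def __init__(self):
        self.created_at = {}   # object id -> request counter at creation time
        self.requests = 0

    def create(self, obj_id):
        self.created_at[obj_id] = self.requests
        return obj_id          # success is returned before replication finishes

    def use(self, obj_id, node):
        self.requests += 1
        if obj_id not in self.created_at:
            raise PermanentError("unknown object")
        if self.requests - self.created_at[obj_id] < node * 2:
            raise NotReplicatedYet(f"node {node} has no copy yet")
        return f"ok from node {node}"

def call_with_retry(fn, attempts=5, base_delay=0.5, max_delay=8.0, sleep=time.sleep):
    """Retry fn only on NotReplicatedYet, with capped exponential backoff and jitter.

    Returns (result, delays). PermanentError propagates on the first attempt so a
    real credential or permission failure is never hidden behind retries.
    """
    delays = []
    for attempt in range(1, attempts + 1):
        try:
            return fn(), delays
        except NotReplicatedYet:
            if attempt == attempts:
                raise                      # bounded: give up and surface the error
            ceiling = min(max_delay, base_delay * 2 ** (attempt - 1))
            delay = random.uniform(ceiling / 2, ceiling)   # jitter spreads out clients
            delays.append(delay)
            sleep(delay)

if __name__ == "__main__":
    directory = FakeDirectory()
    secret_id = directory.create("secret-1")   # constructed sample identifier
    # Hit the slowest replica right after creation; sleeping is skipped for the demo.
    print(call_with_retry(lambda: directory.use(secret_id, node=2), sleep=lambda s: None))
```
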
Have you ensured the requirements for a hybrid setup that supports Graph API are correct? Please check here: Use REST APIs to access mailboxes in Exchange hybrid deployments (preview)
How have you obtained the access token? If you used https://login.microsoftonline.com/{tenant-id}/oauth2/v2.0/token, is the user in the same tenant?
To isolate what is causing this:
- Take a look at this doc on requirements for hybrid to see if something is missing.
- Check this thread to see if you can pinpoint the issue in your scenario.
- You can also test the API with Graph Explorer to see if it works for delegated permissions and check if it only fails for on-prem users.