I get the error "OrganizationFromTenantGuidNotFound" while trying to access to my inbox messages.
To explain I am trying to develop an app and in this app I need to access my inbox e-mails.
So I try to use the Outlook API and for that I created an APP with all demanded permissions "Email.Read, Email.ReadBasics, Emails.ReadAll...". I have an Office 365 Family subscription, and an active paid azure subscription. My question is why getting my personal information works '/users/{user-id}' but when accessing to emails I got this error ? I read a lot of docs and never get an answer... Maybe my subscription does not get me access to Microsoft Exchange Online License, or due to my old microsoft address "...#live.com" maybe it is not compatible, I dont't know, if someone can help me to clear it out, would be great. Oh, and abviously my Office 365 and Azure account are the same.
I tried, with 'client credentials flow authentication' (which give me the error 'need more privileges'), went back to Authorization Code Flow Atuhentication but then I get the OrganizationFromTenantGuidNotFound error. But only on /messages endpoint, the endpoint users/{user-id} works. Obviously I tried all threads I found, even with an Office 365 Developer account but don't really see the correlation with my problem here.
Related
We are trying to connect an internal application to Sharepoint 365. The goal is to read data from Sharepoint 365 lists and Excel documents. We want to take advantage of the fact we already use OAuthentication and basically our users login with their own Windows credentials. Now, to accomplish that we first need to register an application with Sharepoint which we did using this link:
https://mycompany.sharepoint.com/sites/MySite/_layouts/15/appregnew.aspx
After that we also need to get an authorization code for clients to login with their Windows account. We do that with this URL:
https://mycompany.sharepoint.com/sites/MySite/_layouts/15/OAuthAuthorize.aspx?client_id=14f0e39c-1234-42ea-bed5-ee5c7c834655&scope=List.Read&response_type=code&redirect_uri=https%3A%2F%2Fmysite.mycompany.com%3A9090%2Foauth%2F2.0%2FredirectURL.jsp
When we run that last link we get the error below:
Sorry, something went wrong
There is no claims identity. Please make sure the web application is configured to use Claims Authentication.
TECHNICAL DETAILS
Troubleshoot issues with Microsoft SharePoint Foundation.
Correlation ID: 367ee69f-5066-0000-e1ef-cee55f7b7000
As you can see, the error is not very helpful. I have done already lots of research and answers vary from lack of higher level of access, to invalid URL request. I have elevated access and the URL is well constructed. Yet the error persist.
So, my question, what is the meaning of the error? Why is not executing?
We logged a Microsoft Premier Support ticket and behold! the problem has been fixed.
I am trying to use "https://graph.microsoft.com/v1.0/me/events" or "https://graph.microsoft.com/v1.0/me/onlineMeetings" to create online meeting programmatically.
I used help from many resources specially this
https://vikrantsdynamicsblogs.wordpress.com/2020/03/28/programmatically-create-the-teams-meeting/.
I have used this API to get token using password grant type
"https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token" but the problem happened when I am calling "https://graph.microsoft.com/v1.0/me/onlineMeetings" I got 403 Forbidden
and when I am trying to call "https://graph.microsoft.com/v1.0/me/events" using the same access token I am getting this response
I have added delegate permission from Azure portal
Any Ideas why both are not working with me?
Authorization errors can occur as a result of several different issues, most of which generate a 403 error (with a few exceptions). We could refer to this doc to resolve Microsoft Graph authorization errors.
We cannot create online meeting via personal Microsoft account, if you are using work or school account, we need to ensure the account has the permission: OnlineMeetings.ReadWrite, if you are create online meeting via Application, we need OnlineMeetings.Read.All and OnlineMeetings.ReadWrite.All* permission, check this Create onlineMeeting and Online meetings permissions for more details.
Our company has a Microsoft Azure account (Pay-As-You-Go).
We had a programmer that developed our web app. We gave him full access to our Azure account. So, he had access to everything.
We intend to hire another developer to make modifications to the web app, so he'll need access to the App Services and SQL Databases. Our intention is to just allow him access to those features.
We did our research and came across the documentation, Resources, roles, and access control in Application Insights. We followed it step by step, but there's an issue. Doc LINK
We tested the procedure by adding one of our IT staff's Microsoft account (personal Outlook.com account) and assigning him the Contributor role, and sent him an invite. He's not seeing the invite. We did the same for another staff, but it's the same problem.
Can we get some assistance please?
It was not working earlier .I tried with one gmail id. Now it is working perfectly fine and I am able to receive the invitation email.
To send invitation, you need to go to active directory. Add user's email as a guest under add user option (Add guest user).
How does an Office 365 administrator grant permissions for an email account to be accessed via the REST API? To be more specific: to grant the "Required Scope"
The Office 365 administrator at the company I work for and myself were on the phone for at least an hour with the people at mssupport_microsoft_com attempting to find an answer to this question. Both the first level and second level support people admitted they could not find the answer to this question. ??
The REST API is documented at: https://msdn.microsoft.com/office/office365/APi/mail-rest-operations.
Note that for each API endpoint there is a line that looks to me like a permissions value. For example for the "get messages" API there is:
"Required scope: Mail.Read". For the send message there is: "Required scope: Mail.Send" and for delete message there is: "Required scope: Mail.ReadWrite". Simple straight forward stuff.
I'm accessing my personal email for the company I work for and I am able to, via the aforementioned REST API's, send messages and fetch messages; NO PROBLEM. When I attempt to delete a message, the response is 403; Forbidden.
Assuming that my account has not been granted the correct permission for delete: Mail.ReadWrite, I contacted the Office 365 administrator at my company and requested that he review the permissions granted to my account and to grant me Mail.ReadWrite. He agreed that this must be the issue.
However, his training had not prepared him for this request. He didn't know how to do it. So, he contacted MS support to to find out how he(as the sole administrator) could grant my account permission to be accessed by the REST API. And, like I mentioned above, the ms people did not know how to administer this functionality.
I asked if there was an administrators guide ANYPLACE that would document this feature and the ms people didn't have a clue.
Anybody?
p.s. I'm accessing the api's with the python requests package.
Looking at the response in more detail revealed this is the problem:
{"error":{"code":"OAuthMissingForThisService","message":"Authentication for this service requires OAuth: outlook.office.com."}}
Scenario
I'm trying to convert my Silverlight Business Application over to the cloud with the help of Azure. I have been following this link from Brad Abrams blog.
Both the links to Windows Azure and SQL Azure crash out in Google Chrome, they work in Internet Explorer, but it's literally one of the worst user experiences I've ever had.
The Problem
I'm asked to sign in to Microsoft connect with my Live ID.
I do so, I'm then asked to register; I do so.
I'm then sent a verification email which I verify.
I'm then signed out!
When I sign back in, it repeats the process....
Any suggestions for making this work?
Edit/Update:
Finally managed to get signed up/in to connect. From here I was able to get hold of an invitation code to Windows Azure. Now I need an invitation code for SQL Azure. I cannot see ANYWHERE that advertises a way of getting this SQL Azure code, the only thing that I have seen is some text saying that there "may be a delay" in receiving codes due to volume of interest, which quite frankly I find hard to believe.........
It's so far been 3 days now. This officially sucks!
If I have any more news I'll post back here.
I eventually gave up and emailed the support team moaning about the poor service, got an email invitation code about a day later :-D
Let me assure you that the Windows Azure Portal itself works fine under Chrome... Connect however doesn't.
I'm not sure at what point of the process you're getting stuck. Is it registering for Connect? Or have you gotten far enough that you're filling in a survey to get access to Windows Azure?
If it's as early as registering for Connect, I would contact Connect Support: https://connect.microsoft.com/Main/help/emailsupport.aspx?Category=3.
Thats funny. I have just received an SQL Azure October CTP invitation that doesn't work.
But after 3 weeks i still dont have a Windows Azure invitation code. From where Im standing, the Azure registration process appears to be a jumbled mess.
As of Jan 4th SQL Azure (as well as Windows Azure) is now open to all users to register and SQL Azure no longer require tokens. For more details on this please see the blog post.