Send email using Logic apps using AD Service account - azure

I am trying to use a service account to send email notifications using Logic Apps. The service account has been configured with an email box and has been added to the Office 365 tenant.
I am using the Consumption mode since Standard mode doesn't send email notifications via Office 365. I am using the Outlook Office 365 connector, available only in Consumption mode, to send the alerts.
On using it, it gives me the following error:
"Please check your account info and/or permissions and try again. Details: REST API is not yet supported for this mailbox. This error can occur for sandbox (test) accounts or for accounts that are on a dedicated (on-premise) mail server. clientRequestId: 42886b20-eaec-490a-8124-6b4e4064ee13 serviceRequestId: a967a2ff-7244-d99b-7283-52f745fd78d6 More diagnostic information: x-ms-client-request-id is '4B4754D7-D2D7-41C0-811D-FEF9F1244715'."
Any idea what might be the issue?

You are receiving this due to a lack of permissions for your mailbox account. This error usually occurs when the connector you used is connected with an account which is not an Office 365 account. One of the ways to make this work is to migrate mailbox data from the current account to Office 365.
After migration to a Microsoft 365 mailbox, I was able to send emails without any errors.

Related

Error OrganizationFromTenantGuidNotFound when accessing messages Azure

I get the error "OrganizationFromTenantGuidNotFound" while trying to access my inbox messages.
To explain, I am trying to develop an app, and in this app I need to access my inbox e-mails.
So I try to use the Outlook API, and for that I created an app with all demanded permissions "Email.Read, Email.ReadBasics, Emails.ReadAll...". I have an Office 365 Family subscription and an active paid Azure subscription. My question is: why does getting my personal information work ('/users/{user-id}'), but when accessing emails I get this error? I read a lot of docs and never got an answer... Maybe my subscription does not give me access to a Microsoft Exchange Online license, or maybe my old Microsoft address "...#live.com" is not compatible, I don't know. If someone can help me clear it up, that would be great. Oh, and obviously my Office 365 and Azure accounts are the same.
I tried with 'client credentials flow authentication' (which gives me the error 'need more privileges'), then went back to Authorization Code Flow authentication, but then I get the OrganizationFromTenantGuidNotFound error. But only on the /messages endpoint; the endpoint users/{user-id} works. Obviously I tried all the threads I found, even with an Office 365 Developer account, but I don't really see the correlation with my problem here.

access onedrive from azure ML notebook script - 400 Client Error Tenant does not have a SPO license

I'm trying to access my OneDrive from an Azure ML script, both using the same account (though the Azure one is personal while the OneDrive one is work). The connection succeeds but then gives a 400 error... any idea why? Thanks
----------------
Authenticated!
Client Error: 400 Client Error: Bad Request for url: https://graph.microsoft.com/v1.0/drive/root | Error Message: Tenant does not have a SPO license.
--------------
    from O365 import Account

    # App registration client ID and client secret (values redacted by the poster)
    credentials = ('client id xxxx 6fb8a4', 'secret value xxxxx v6Hyoa2K')

    # Client-credentials (app-only) flow against the tenant, acting on one mailbox/drive owner
    account = Account(credentials, auth_flow_type='credentials',
                      tenant_id='87xxxxx8-3db7f7', main_resource='myemail#email.com')
    storage = account.storage()
    if account.authenticate():
        print('Authenticated!')

    my_drive = storage.get_default_drive()
    root_folder = my_drive.get_root_folder()
    # iterate over the first 25 items on the root folder
    for item in root_folder.get_items(limit=25):
        if item.is_folder:
            print(list(item.get_items(2)))  # print the first two elements in this folder
For the error you are getting, you need to note a couple of things. Please check the points stated in this Stack Overflow reference, which says:
Office 365, Azure Active Directory, EMS (Enterprise Mobility Suite), personal Outlook, personal OneDrive, and other Microsoft cloud services are all accessible through the developer portal or API known as Microsoft Graph. The API is free to use, but in order to access the data it hides, you must have those services, some of which may be free and others of which you may have to pay for.
Regarding integrating Office 365 into your current tenant: I believe you used a Microsoft Account to join up for Azure. For that tenant, you can still buy or acquire Office 365. You may have to add a new Azure AD user to your tenant (not a Microsoft Account) and give them company admin privileges. When it asks whether you already have a tenant or account, log in with the AAD account you just generated. You should then be able to sign up for Office 365. And there you have it: an Azure AD tenant with both an Azure AND an Office 365 subscription.
Solution: You must be using an Office 365 Home license for your Azure AD tenant. For SharePoint Online you need an Office 365 Business account.
You need a license that includes all the OneDrive service (Operation). So, the recommendation is Office 365 Business Essentials, which is the cheapest and has Microsoft Graph functionality - more than just upload/manipulate Excel files in OneDrive in future.
So from the above conclusion, you can't use the Microsoft Graph API to access OneDrive data (read and upload) without having SharePoint Online (which only comes with the business licenses).
Reference:
SO thread by Allen Wu

Customizing Azure Active Directory unauthorized error

I have an Enterprise Application registered on Azure Active Directory and I want only certain AAD users to be able to access it. I have created a user group for the authorized users and everything works fine. The users who are not assigned to the application, as expected, can't sign-in and they get an error message like the following after successful authentication. Is it possible to customize this message? I just need to add a support email address.
Customization of the error message in Azure AD may not be possible as it is in AAD B2C. You may try to give the support email in the "sign-in page text and formatting" entry box through the Company branding page for AAD sign-in. But this page appears as background in the sign-in page no matter the success or failure of user authentication.
Note: Company branding requires Azure AD Premium 1, Premium 2, or Office 365 (for Office 365 apps) licenses.

MS Graph can't query for SharePoint data

I'm trying to query 365 SharePoint list data from MS Graph.
I've set up the app via portal.azure.com and I gave it application permissions to everything that is required for User, Mail, Sites and Groups. I gave it permissions on the MS Graph and SharePoint sections within the permissions.
I can query for Users and their calendar information but when it comes to Sites I get the following.
Image of Api response
We have the Azure AD Premium P1 subscription for Education.
I tried using the same tenant ID, Client ID and secret in Postman and I get similar results.
I tried to query for the same data via myself logged into Graph Explorer and I get the data I'm expecting.
How can I query for the data from SharePoint via the app credentials for all sites and all data in my tenant?
Thank you.
Users may be unable to access multiple Microsoft 365 services; any service that leverages Azure Active Directory (AAD) may be affected. Microsoft is actively working on this issue.
Microsoft 365 Service health status

Control Access to Microsoft Azure Account

Our company has a Microsoft Azure account (Pay-As-You-Go).
We had a programmer that developed our web app. We gave him full access to our Azure account. So, he had access to everything.
We intend to hire another developer to make modifications to the web app, so he'll need access to the App Services and SQL Databases. Our intention is to just allow him access to those features.
We did our research and came across the documentation, Resources, roles, and access control in Application Insights. We followed it step by step, but there's an issue. Doc LINK
We tested the procedure by adding one of our IT staff's Microsoft account (personal Outlook.com account) and assigning him the Contributor role, and sent him an invite. He's not seeing the invite. We did the same for another staff, but it's the same problem.
Can we get some assistance please?
It was not working earlier. I tried with one Gmail ID. Now it is working perfectly fine and I am able to receive the invitation email.
To send the invitation, you need to go to Active Directory. Add the user's email as a guest under the add user option (Add guest user).
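
An added example, not part of the original thread: one way to check that a developer's access stays limited to App Services and SQL Databases is to audit the role assignments exported with `az role assignment list --all -o json`. The sample records, account names, subscription ID and the allow-list of built-in roles (Website Contributor, SQL DB Contributor) are assumptions chosen for illustration.

```python
# Constructed sample in the shape of `az role assignment list --all -o json`
# (only the fields used here); every name, ID and scope is made up.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
NEW_DEV = "newdev_outlook.com#EXT#@contoso.onmicrosoft.com"  # guest-style UPN
OLD_DEV = "olddev@contoso.example"
SAMPLE = [
    {"principalName": OLD_DEV, "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": NEW_DEV, "roleDefinitionName": "Website Contributor",
     "scope": SUB + "/resourceGroups/webapp-rg"},
    {"principalName": NEW_DEV, "roleDefinitionName": "SQL DB Contributor", "scope": SUB},
    {"principalName": NEW_DEV, "roleDefinitionName": "Contributor",
     "scope": SUB + "/resourceGroups/webapp-rg"},
]

# Assumption: these built-in roles cover the stated need (App Services, SQL Databases).
ALLOWED_ROLES = {"Website Contributor", "SQL DB Contributor"}
BROAD_ROLES = {"Owner", "Contributor", "User Access Administrator"}


def scope_level(scope):
    """Classify an ARM scope string by how much of the account it covers."""
    parts = [p.lower() for p in scope.split("/") if p]
    if parts[:1] != ["subscriptions"]:
        return "management-group-or-root"  # "/" or /providers/Microsoft.Management/...
    if "providers" in parts:
        return "resource"
    if "resourcegroups" in parts:
        return "resource-group"
    return "subscription"


def audit(assignments, principals):
    """Return (principal, role, scope, reason) for assignments beyond the intent."""
    wanted = {p.lower() for p in principals}
    findings = []
    for a in assignments:
        who = a.get("principalName", "")
        if who.lower() not in wanted:
            continue
        role, scope = a["roleDefinitionName"], a["scope"]
        if role in BROAD_ROLES:
            findings.append((who, role, scope, "broad role"))
        elif role not in ALLOWED_ROLES:
            findings.append((who, role, scope, "role outside allow-list"))
        elif scope_level(scope) in ("subscription", "management-group-or-root"):
            findings.append((who, role, scope, "allowed role, scope too wide"))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE, [OLD_DEV, NEW_DEV]):
        print(" | ".join(finding))
```

The Contributor assignment is flagged even at resource-group scope because it grants write access to every resource type in that group, not only App Services and SQL Databases.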
