I'm using One drive for business. The /_api/v2.0/drive/view.sharedWithMe return a folder, and I try to access this folder detail.
I tried several solutions listed here but it seems like nothing is working.
When I try to add the folder to the user's drive, I got the following error:
{
"error": {
"code": "-2147024891, System.UnauthorizedAccessException",
"message": "Access denied. You do not have permission to perform this action or access this resource."
}
}
When I try to "enumerate the content of a shared folder", I got the following one:
{
"error": {
"code": "unauthenticated",
"message": "The caller is not authenticated."
}
}
Thank you
When using shared items and OneDrive for Business, you need a different permission scope. The Files.ReadWrite scope provides access to only the content's of a user's OneDrive for Business. To access shared items, you need to request Sites.ReadWrite.All, which shows up in the Azure Portal as "Read and write items in all site collections". Once you have this scope on your app, and the user has consented to the scope, those calls should work.
Related
Trying to bulk dismiss all risky signons so my security team can start new.
It should be able to be done using this powershell code:
get-riskyUser -Top 5 -Filter "Riskstate eq 'AtRisk'" -Orderby RiskLastUpdatedDateTime | Invoke-DismissRiskyUser
But I get this error 5 times:
VERBOSE: Performing the operation "Invoke-DismissRiskyUser_Dismiss" on target "Call remote 'RiskyUsersDismiss' operation".
Invoke-DismissRiskyUser_Dismiss: You cannot perform the requested operation.
I did authorize the scope for connect-graph with "IdentityRiskyUser.ReadWrite.All" as well assigned a P2 license to my admin account (which I think is stupid given the feature is a P1 feature)
This cmdlet calls the following API:
https://learn.microsoft.com/en-us/graph/api/riskyusers-dismiss?view=graph-rest-beta&tabs=http
so I dug up postman, got my self a shinny new bearer token based on a freshly minted app registration with the "IdentityRiskyUser.ReadWrite.All" API via app delegation which was then admin consented to then posted to the API using this body:
{
"userIds": [
"d9460130-07f0-43a9-9faa-df8c6635f4b7",
"faff0a2a-143e-431d-bd44-99db3f4fc30d"
]
}
and got back:
{
"error": {
"code": "BadRequest",
"message": "Invalid user ids.",
"innerError": {
"request-id": "a1dcf05e-bbf2-436a-9614-2a2d5b5d0fc0",
"date": "2019-12-06T19:59:03"
}
}
}
I triple checked those IDs are valid, also tried all lower case in the attribute name.
At a loss for what to do next, anyone have any thoughts and/or where I can post to github to open a ticket against the code?
Turns out a bunch of issues here. The PowerShell code didnt work because somehow I authorized read not readwrite on my first goes at it.
But thats not the whole story, next up, both the API and PowerShell were returning user object IDs for users no longer in Azure AD. These can never be dismissed via code nor the actual Azure Portal. I have a MS Case open for this.
I was Unable to get the search result in Facebook Graph Api Explorer For Topic search API. I am getting the following error. I also have the access token included.
{
"error": {
"message": "(#15) This method must be called with an app access_token.",
"type": "OAuthException",
"code": 15,
"fbtrace_id": "CJiZqVSATXu"
}
}
Well, the error message actually contains the problem. You're not using an App Access Token, but seemingly an User Access Token (from the Access Token structure in your screenshot).
You must select an app of yours in the upper right Applications dropdown, and then select Get App Token in the dropdown below.
Still, that will probably not help much in this case. Are you aware that only whitelisted apps can use the Topic Search API?
See
https://developers.facebook.com/docs/graph-api/using-graph-api#search
https://developers.facebook.com/docs/mediasolutions/topic_search/v2.5
I am using facebook Graph API to get user data with the below query
https://graph.facebook.com/search?q=xxx yyy zzzz&type=user&access_token=myTokenHere
And the reply is;
{
"error": {
"message": "(#9) Access denied",
"type": "OAuthException",
"code": 9
}
}
And also it makes my account to logoff from developer.facebook.com. When I try refreshing that web site it says I am logged out.
I am used to use this account for making this search, this happened suddenly. I made maybe a thousand successful search with this link, with this user with this query.
It doesn't says I am limited or something.
I googled it a lot and made a lot of research but couldn't find any solution to it.
I'm following the documentation here:
https://developers.facebook.com/docs/opengraph/using-object-api/
Using the following:
/me/objects/<app-namespace>:<created-object>?privacy={"value":"SELF"}
&object={"image":"https://<image-url>"}&access_token=<user-token>
Testing with the Graph API tool i'm getting this error:
{
"error": {
"message": "(#200) Requires extended permission: publish_actions",
"type": "OAuthException",
"code": 200
}
}
Ok well that seems obvious until I debug the access token:
Valid True
Origin Mobile Web Faceweb
Scopes publish_actions, user_friends
Anyone else seen this or have an idea of how to fix it?
EDIT Ok so I had publish_actions in both User & Friends and Extended permissions. I removed the User & Friends permission and now I get this:
{
"error": {
"message": "An unknown error has occurred.",
"type": "OAuthException",
"code": 1
}
}
Me no like unknown.
Ok so a couple things to note here that went wrong.
I picked an object type as an item thinking it would be <myapp>:item in the call. Well as it turns out the item is actually a product type so it is product.item a global type. What is handy is to actually click the get code link on the objects you create. Solution was to actually create my own app object type, which I thought I had.
In the Graph API make sure you actually use the application pull down in the top right to select the right app. I noticed some issues when it was set to the generic Graph API Explorer app.
Silly mistakes but cost me some time, hope it helps someone else.
I'm currently working on a facebook app which captures wall posts for a specified user, page or group, after a user has authorized the app I quote the access_token that is returned to call the method
https://graph.facebook.com//feed?access_token=
this works fine for pages and groups as we only need a valid token, however for users the results are different depending on the relationship between the user who authorized the app the user whose posts are being captured.
For example if there is no relationship between the two users some posts are not returned even though they are public and displayed when you view the profile of the user, however if they are friends more posts are returned.
Can someone please explain this behaviour? And is it possible to obtain all posts using this method?
Yes, per the permissions listed at https://developers.facebook.com/docs/reference/api/permissions the results of the call are different depending upon the relationship.
However when things are public and you use an access token that doesn't belong to the user, then no results are returned. I cannot remember a time when this wasn't this way. For some odd reason (by design or omission on Facebook's part) using the graph API to get at public posts using a user access token just doesn't want to work.
For example, You can see some public items here
http://www.facebook.com/zuck
http://graph.facebook.com/zuck
However, you cannot seem to get any feed from here without an access token
https://graph.facebook.com/zuck/feed
{
"error": {
"message": "An access token is required to request this resource.",
"type": "OAuthException"
}
}
Let's try adding an user access token that does not belong to zuck or a friend of zuck. https://graph.facebook.com/zuck/feed?access_token={UserAccessToken}
And here's what we get:
{
"data": [
]
}
What about an app access token? Let's try
https://graph.facebook.com/zuck/feed?access_token={AppAccessToken}
{
"error": {
"message": "Invalid OAuth access token signature.",
"type": "OAuthException"
}
}
So as you can see, it's difficult to get things via the graph that are not in alignment with your access token.
I manage to get most of the feeds from user's wall post. Although this is a old post, I hope someone can manage to get what they want from my answer.
Before getting the access token(to get the feeds), you need to add multiple correct Read Permissions "keys".
For example, you will have to add "read_stream", and "user_status" (which I found that these are the most important permission "key" to generate the correct access token, to retrieve one's so-called "public" feeds).
You can add more into generating the access token, in either you want the permission to GET, or POST, or BOTH.
Source is here: https://developers.facebook.com/docs/howtos/ios-6/#nativeauthdialog
One thing that I found is, the way to get the feeds result from user's "Home/About" page and Facebook Page (which is created for people to like (not add friends)) are different. The key is mentioned above, "read_stream", and "user_status". So it's better that you add both of the permissions in order to generate the access token to get everything in feeds.
Graph API doesn't return posts to the App if is not authorized to read user feed, even if posts are public.
Source: https://developers.facebook.com/bugs/290004301178437/
According to the latest api ,
FB.api("/me/feed","get",function(response) {//callback})
should do and also work well .
It is working now but facebook may change it in future.