Recent Discussions
Unable to retrieve all attachments from forwarded Outlook emails using Graph API
We have integrated Outlook with our system using Microsoft Graph API and subscribed to message events. Whenever we receive an event, we process the email message at our end. Currently, we are facing an issue related to attachments in forwarded email conversations. Scenario An email conversation contains multiple replies. Some of these replies contain attachments. When a user forwards the entire email thread, Outlook generates a forwarded email that includes the conversation history in the email body. Problem When we receive the forwarded email event and fetch the message details using the Microsoft Graph API, we observe the following: The forwarded email only contains the latest reply's attachment. Attachments from earlier replies in the thread are not included in the forwarded message attachments. In some cases: The first reply contains an attachment. Subsequent replies do not contain attachments. When the user forwards the email, the forwarded message JSON shows: hasAttachments: false But, the forwarded email body still contains the previous conversation that had attachments. Our Questions Is there a way to retrieve all attachments from the entire email thread when a conversation is forwarded? Can we retrieve these attachments using the current user's access token via Microsoft Graph API? If there is a way, please also let us know how we can identify forwarded emails using the Microsoft Graph API, so that we can apply this solution only for forwarded emails. Our Requirement We need a reliable solution that works in production to ensure that all attachments from the email conversation are retrieved, even when the email thread is forwarded. This issue is currently impacting our production system, so we would greatly appreciate any guidance on the correct approach. Thank you in advance for your support.Mails with attachments sent via the Graph API are stuck in drafts folder and not being sent
Mails being sent via Graph API using the createUploadSession way is keeping the mails in the Drafts folder and not being sent. This was working till mid January. Is there any graph update/ api deprecation that happened recently that is causing the issue?
Is principalId Always a GUID in Microsoft Graph ??
{ "error": { "code": "Request_BadRequest", "message": "Invalid GUID:HR", "innerError": { "date": "2026-02-13T06:44:24", "request-id": "87678d90-1d94-4131-a705-4356ad3568a4", "client-request-id": "63569c7b-1dea-42d4-8d72-aa3668c78418" } } } We’re encountering an issue with the Microsoft Graph API response for directoryRole Recently, one of our Graph API calls started returning a response where the principalId value appears to be a custom string instead of the expected GUID. In our code, we loop through each id from the delta response, assuming it will always be a valid GUID. However, we are now getting errors because one of the returned principalId values does not match the expected format. Our questions: Is it possible for Microsoft Graph API to return a custom string instead of a GUID for principalId? Has anyone experienced similar behavior with delta queries for directoryRole or any other object? Are there any known scenarios where the principalId format differs from the standard GUID? Any insights would be appreciated.Microsoft Graph API returns 502 Bad Gateway (UnknownError) when calling List members of a chat
Description: I am encountering a persistent 502 Bad Gateway error with the UnknownError code when attempting to list members of a specific chat via the Microsoft Graph API v1.0. This issue occurs even though the chat ID is valid and the authorization token has the necessary permissions. API Endpoint: GET /v1.0/chats/{chat-id}/members Steps to Reproduce: 1. Obtain a valid access token with Chat.Read or Chat.ReadWrite permissions. 2. Call the endpoint for a meeting chat: https://graph.microsoft.com/v1.0/chats/19:meeting_NmU5Yjk3NTAtYTk2ZS00Yzg0LWEyYmQtZTJhMjI4NmJjZmRh@thread.v2/members 3. The API returns a 502 Bad Gateway response. Debug Information (Request Details): * Date: 2026-02-06 06:17:55 (GMT) * Request ID: be906f9e-2108-4722-91b8-ecee8bfb41f0 * Client Request ID: be906f9e-2108-4722-91b8-ecee8bfb41f0 * DataCenter: Germany West Central * X-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"Germany West Central","Slice":"E","Ring":"4","ScaleUnit":"001","RoleInstance":"FR2PEPF0000118F"}} Raw Response Body: { "error": { "code": "UnknownError", "message": "Bad Gateway", "innerError": { "date": "2026-02-06T06:17:55", "request-id": "be906f9e-2108-4722-91b8-ecee8bfb41f0", "client-request-id": "be906f9e-2108-4722-91b8-ecee8bfb41f0" } } } Additional Context: The connection is established successfully via TLS 1.3, but the upstream server seems to be failing. This happens specifically with meeting-related chat threads. Could you please investigate if there is a service degradation or a specific issue with this chat object in the Germany West Central region?
Intermittent connection failures with login.microsoftonline.com since Jan
we are getting intermittent connection failures (handshake error http -1) while connecting to token URL - "login.microsoftonline.com" since last one month. Anything changed as far as accessing this graph API access token URL? tried grabbing certificate from this URL but still the issue persists. which certificate should we be using? anybody has any insights on this issue?
unable to send notification to teams channel using graph api
We tried to send notification to teams channel using microsoft graph api via python we can able to send to message to the channel but the notification is not getting triggered in the activity tab we have refered below documentation. https://learn.microsoft.com/en-us/graph/api/team-sendactivitynotification?view=graph-rest-1.0&tabs=python Also we don't need device authentication and browser authentication please share approach to bypass those things. below is the error we are facing. raise exc msgraph.generated.models.o_data_errors.o_data_error.ODataError: APIError Code: 403 message: None error: MainError(additional_data={}, code='Forbidden', details=None, inner_error=InnerError(additional_dmsgraph.generated.models.o_data_errors.o_data_error.ODataError: APIError Code: 403 message: None error: MainError(additional_data={}, code='Forbidden', details=None, inner_error=InnerError(additional_d APIError Code: 403 message: None error: MainError(additional_data={}, code='Forbidden', details=None, inner_error=InnerError(additional_d Code: 403 message: None error: MainError(additional_data={}, code='Forbidden', details=None, inner_error=InnerError(additional_d message: None error: MainError(additional_data={}, code='Forbidden', details=None, inner_error=InnerError(additional_d error: MainError(additional_data={}, code='Forbidden', details=None, inner_error=InnerError(additional_data={}, client_request_id='________-___-____-____-____________', date=datetime.datetime(2026, 2, 3, 14, 37, 8), odata_type=None, request_id='________-___-____-____-____________'), message="Application with AAD App Id '________-___-____-____-____________' is not authorized to generate notifications about 'https://graph.microsoft.com/v1.0/teams/6a6079bc-feaf-4865-bc21-1201b310c25c' to the recipient. Ensure that the expected Teams app is installed in the target scope (user, team, or chat).", target=None). Please help us to resolve this issue.Deleted security groups return "securityEnabled": false, appear as ‘unrecognized’ in Entra admin
When retrieving the list of soft-deleted groups with Graph, both M365 groups and security groups are returned. However, the securityEnabled flag is returned as false for security groups. Is this a bug? This likely leads to displaying them in the Entra admin center as 'Unrecognized' type.
Slow UI update for deleted events
I've built an integration that continuously syncs events between an external scheduling system and Exchange Online using Microsoft Graph. I'm observing a recurring issue when deleting calendar events via Graph: A DELETE request to Graph returns success (204 No Content). A subsequent GET /events/{id} returns 404, confirming the event is deleted server-side. However, the event continues to appear in the Outlook UI (both Outlook Web and desktop) for an extended period (sometimes hours), even after page reloads or app restarts. The odd behaviour The event is still displayed in the user interface for up to several hours The event persist through page reloads If the user clicks the event it opens briefly and immediately closes, the event disappears from the UI afterward. Additional details Delete endpoint: /users/{id}/events/{id} Graph response: 204 No Content Verified deletion via GET → 404 Reproduces in both Outlook Web and Outlook desktop Questions Is this a known Outlook client caching or calendar view indexing issue? Is there a way to force client reconciliation after deletes? Are there Graph or Exchange constraints around rapid create/update/delete cycles that could cause this UI inconsistency?
How to Retrieve Windows Edition (SKU) from managedDevices API
Hi everyone, I am working with the Microsoft Graph API endpoint /v1.0/deviceManagement/managedDevices to iterate through all devices in a tenant and collect operating system related information. For Windows devices, the operatingSystem field only returns "Windows". However, Windows has multiple editions such as Enterprise, Education, and Pro. For my use case, I need the specific Windows edition. Is it possible to retrieve this information using only the v1.0 endpoint, or is the beta endpoint /beta/deviceManagement/managedDevices/{managedDeviceId} required to get the SKU family? Thanks in advance for your help.Is there possibly no official documentation for Windows 11 search?
I have looked far and wide to find a definitive, official technical reference for the Windows 11 search service... especially for the various search parameters and the syntax they require from a savvy user to conduct a well specified, precision search for something. Is it possible that Microsoft has not produced a formal specification of Windows' search feature? Would someone from Microsoft please, please, please provide a link to such a document? Is it possible to buy it? Does it exist anywhere? Am I deluded to think that that is something that the provider of the world's most used desktop OS would have had to create, as a matter of course? I'm talking here about conducting searches, within the file system of a Windows 11 (Pro) machine, that one initiates from the "Search Home" box at the top right of every File Explorer window that gets opened by the user. Any thoughts from someone actually involved in creating the search tool? Imploringly yours, SJBResource not found while trying to access the available resource
I am attempting to automate CRUD operations on Microsoft Entra objects using the Microsoft Graph API. However, I am encountering a Resource not found error when accessing a resource programmatically, even though the same resource is accessible without issue when invoking the API endpoint via Postman.Alias for Refinable Managed Property Not Working in Search Queries
Hi, The alias for the refinable managed property has worked as expected in sortProperties for the past year, but it has recently stopped working and now returns an error. Using the original managed property name (RefinableDateSingle01) continues to work as expected. The error is shown below, together with the trace ID. Unfortunately, we are unable to switch to using RefinableDateSingle01 in sortProperties as it does not meet our business requirements. We are currently facing challenges due to the large number of SharePoint sites, many of which we do not have permission to access. As a result, we can only confirm that the refinable managed property RefinableDateSingle01 and its associated alias are configured correctly on the SharePoint sites where we have full access. What is the root cause of this issue, and how can it be resolved? https://graph.microsoft.com/v1.0/search/query { "requests": [ { "entityTypes": [ "listItem" ], "query": { "queryString": "* AND SiteId:\"siteId\"" }, "from": 0, "size": 50, "sortProperties": [ { "name": "RefinableDateSingle01", // This works when I use the refinable managed property name (RefinableDateSingle01), but it does not work when I use the alias I defined for this property "isDescending": false } ] } ] } 500 Internal Server Error (When I used alias in sortProperties) { "error": { "code": "InternalServerError", "message": "The call failed, please try again.", "target": "", "details": [ { "code": "InternalServerError", "message": "The call failed, please try again.", "target": "", "details": [ { "code": "InternalServerError", "message": "The call failed, please try again.", "target": "", "details": [ { "code": "InternalServerError", "message": "The call failed, please try again.", "target": "", "details": [ { "code": "InternalServerError", "message": "The call failed, please try again.", "target": "", "details": [ { "code": "InternalServerError", "message": "The call failed, please try again.", "target": "", "details": [ { "code": "InternalServerError", "message": "The call failed, please try again.", "target": "", "details": [ { "code": "InternalServerError", "message": "The call failed, please try again.", "target": "", "details": [ { "code": "FanoutDownstreamContradiction", "message": "The call failed, please try again.", "target": "", "details": [ { "code": "TwoStepFanout_FirstStepFailed", "message": "The call failed, please try again.", "target": "", "serviceName": "Xap", "moduleName": "SubstrateSearch.FanoutV2.MultiDimensionSearchFanoutPluginV3", "contactTeam": "3sdri", "httpCode": 500 }, { "code": "FanoutDownstreamContradiction", "message": "The call failed, please try again.", "target": "", "serviceName": "FanoutService", "moduleName": "Fanout", "contactTeam": "3STenantSearchDevs", "httpCode": 500 } ], "serviceName": "FanoutService", "moduleName": "Fanout", "contactTeam": "3STenantSearchDevs", "httpCode": 500 } ], "moduleName": "SubstrateFanoutSearchWorkflow", "httpCode": 500 } ], "moduleName": "AscUserSearchFanoutWorkflowV2", "httpCode": 500 } ], "moduleName": "AscUserSearchFanoutWorkflowV2", "httpCode": 500 } ], "moduleName": "G21AscWorkflow", "httpCode": 500 } ], "moduleName": "TenantFileSearchFederationWorkflow_ASC", "httpCode": 500 } ], "moduleName": "TenantFileSearchFederationWorkflow", "httpCode": 500 } ], "moduleName": "FederationWorkflow", "httpCode": 500 } ], "moduleName": "TopLevelWorkflowBase", "httpCode": 500 }, "Instrumentation": { "TraceId": "57c005b9-07fc-453b-8c73-2650d90670e0" } }
Microsoft accounts
Hi all. I have a problem with my daughters Microsoft accounts which I'm hoping you can help with. She set up an account for her X Box on my email address (without asking me first) which is preventing me from setting up my own account for Windows. Since then she has also set up a Hotmail account with her own email address. I understand we can set up an alias on the X Box account using her email but will this conflict with the Hotmail account. The problem is she doesn't want to change her gamer tag which was set up on my email address. Any help / advice will be gratefully received. Many thanks in advanceMicrosoft accounts
Hi all I have a problem with my daughters accounts. She set up an account for her X Box on my email which has prevented me from having my own account for Windows. She has also set up her own Hotmail account for her emails. She wants to keep her gamer tag (set up on my email) not the one she has been given on the Hotmail account. I understand that I can create an alias on my account using her email and this should keep her gamer tag but will it conflict with her Hotmail account. Any help / advice will be gratefully received Many thanks in advance.Error while creating Graph API Access token
Hi guys, I am trying to create an access token for calling Graph API through browser. When I call 'https://login.microsoftonline.com/XXXX-XXXX-XXX-XXX-XXX/oauth2/token' api using AJAX, I receive below error. Access to XMLHttpRequest at 'https://login.microsoftonline.com/XXXX-XXXX-XXX-XXX-XXX/oauth2/token' from origin 'https://cevalogisticsoffice365.sharepoint.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Please can you provide me why this error is occurring and what is the solution for this. RegardsAttempt to automate GSA setup in Azure through Graph API
Hi, Using https://developer.microsoft.com/en-us/graph/graph-explorer and signed in as a user with Applications, Network, NetworkPolicy, Global Secure Access Admin roles, I am trying to POST to https://graph.microsoft.com/beta/networkAccess/connectivity/remoteNetworks using Payload Body { "name": "Hello", "region": "norwayEast" } How come I get the HTTP response code 400 with "code": "UnknownError", "message": "{\"error\":\"Invalid request parameters\"}", ?O365 Group email settings
I am in the middle of trying to create some automated routines that create groups in O365 and add/remove members from them as needed. One of things I ran into is that when an email is sent to the group, the emails are not going into each members' inbox and are only visible in Outlook through "Go to groups" in the left hand menu. I can see the settings that need to be set but can't set them because either, A: it just doesn't do it or B: says I don't have permission. Doing this through C# and the Graph SDK The two items I think I need to turn on are below. What permissions are needed to be able to manage those settings but NOT be able to have access to anyone and everyones' email boxes, emails, etc or is there another way to do this? IsSubscribedByMail AutoSubscribeNewMembersRetrieve Item Analytics for Multiple Items
Hi, our team has noticed that it’s not possible to retrieve analytics when querying a list of items using $expand. When we run this type of query, we don’t receive an error indicating that it’s not allowed; instead, the analytics property just returns null values. https://graph.microsoft.com/v1.0/sites/<<SiteId>>/lists/<<ListID>>/items?$expand=fields,analytics($expand=allTime) However, when we query a single item, everything works as expected. https://graph.microsoft.com/v1.0/sites/<<SiteId>>/lists/<<ListID>>/items/<<ListID>>/analytics/allTime Is there a way to retrieve analytics data for multiple items in one request?Entra Conditional Access Issue
Hi Guys, Our Outlook add-in relies on the Graph API to fetch emails. Due to customer-side Conditional Access (CA) Policies, we are seeing critical failures where Continuous Access Evaluation (CAE) demands user interaction (InteractionRequired code) to resolve challenges like LocationConditionEvaluationSatisfied or TokenCreatedWithOutdatedPolicies. Since this authentication occurs backend-to-Entra, we lack a frontend mechanism to prompt the required user interaction. Is there a recommended pattern, method, or architectural change that allows our backend to redirect or challenge the user for interactive sign-in, thereby satisfying these CAE requirements and unblocking customers? Exact error messages: 1. Continuous access evaluation resulted in challenge with result: InteractionRequired and code: LocationConditionEvaluationSatisfied 2. Continuous access evaluation resulted in challenge with result: InteractionRequired and code: TokenCreatedWithOutdatedPolicies
Recent Blogs
- ServiceNow tickets Graph connector is now generally available, adding to the suite of Microsoft Graph connectors for ServiceNowJan 17, 2024
- Get complete control of your Graph connectors rollout strategy with a measured exposure of connections to select users and groupsDec 01, 2023
