Forum Discussion
403 Forbidden response when requesting Microsoft Security Graph API
I too am getting 403 using PowerShell while taking the same steps. The same code works for other applications, such as fetching email from exchange mailbox folders
$Headers = @{"Authorization" = "Bearer $Token"}$RestSplat = @{Uri = 'https://graph.microsoft.com/beta/security/secureScores?$top=5'Headers = $HeadersMethod = 'Get'ContentType = 'application/json'}Invoke-RestMethod @RestSplat... a bit redacted but you get the gistEDIT: Granting Application Permissions instead of Delegate Permissions enabled me to return dataagain this is for Secure Score but worth noting
Hi AndrewX,
You may have changed your API permissions after giving your application admin consent. When you give admin consent, Azure AD will take a "snapshot" of the permissions at the time of consent. Then if you change the permissions later, you will need to re-do the admin consent process again.
Try typing
https://login.microsoftonline.com/common/adminconsent?client_id={YOUR-APP-ID}
into your browser window to prompt the admin consent for your application again. For more details refer to https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#request-the-permissions-from-a-directory-admin.
If this doesn't resolve your issue, feel free to send me a private message.
Thanks,
Edward
Edward Koval I got the error post login when trying the OIDC example for ADAL https://github.com/Azure-Samples/active-directory-java-webapp-openidconnect/tree/master
Any idea where I can change the permissions for my app.
anotherrohit The repo has been archived and that is for Graph API, which may be different from Graph Security API. You can also check out our Graph Security API's http://Quickstart samples that have authentication examples in C#, Python, Nodejs. Let us know if you still run into the issue.
