Forum Discussion
Authentication issues
- Sep 04, 2018
Peter,
One approach would be to request Delegated permissions for Graph SharePoint API calls and App Only permissions for Graph Security API calls. Your application would essentially be acting as a service when it retrieves security alerts, and using the user account you created when writing those alerts to the SharePoint list.
Without knowing how your application is invoked I don't know if this option is feasible for you. It doesn't sound like the app is an interactive app since you've created a user which sounds like it's acting like a service account and reading and writing alerts. App Only seems like a viable option. Just make sure if the application is interactive, that it doesn't let regular users view security alerts when they otherwise wouldn't be able to.
Jeremy Dallman thanks for your reply. Do you have a rough estimation when the bug will be fixed?
Jeroen, we have resolved an issue with the Security API traffic manager that affected multiple customers' ability to query for their Alerts. Please confirm you are seeing Alerts now.
Thanks for notifying us of the issue and thanks for participating in our Public Preview. Please let us know if you encounter this or other issues in the future.
- Jeroen Niesen, May 17, 2018, Copper Contributor
Thanks Jeremy! I already did some tests this morning (Dutch time), when everything was already working as expected.
We have some cool plans with the security graph API - development started today! If I encounter any other issues, I will reach out to you.
- Sajith G H, Jun 14, 2018, Brass Contributor
Getting the following error: "Failed to load resource: the server responded with a status of 403 (Forbidden)" while accessing the Graph API. When I tried using Postman with a bearer token, I got this error message: "Either scp or roles claim need to be present in the token."
Used the below portal for App registration (Client ID + Secret)
https://apps.dev.microsoft.com
- Jason_Wescott, Jun 19, 2018, Brass Contributor
Sajith, you need to ensure the application has been granted the required permissions by the tenant admin, and if using delegated permissions, you need to ensure the user has the right role in AAD, which is either Global Admin or one of the Limited Administrator roles of Security Reader and/or Security Writer.
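
The "Either scp or roles claim need to be present in the token" error in this thread can be diagnosed by decoding the access token's payload and checking which permission claim it carries. The following is an added example, not code from any poster or from Microsoft; the sample tokens are constructed and unsigned, and the permission name `SecurityEvents.Read.All` is an assumption about what the app needs.

```python
import base64
import json

def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def token_permissions(jwt: str) -> dict:
    """Decode the payload only (no signature check: this is for diagnosis,
    never for making an authorization decision)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected a three-segment compact JWT")
    claims = json.loads(b64url_decode(parts[1]))
    scp = claims.get("scp", "")                 # delegated: space-separated string
    delegated = scp.split() if isinstance(scp, str) else list(scp)
    app_only = list(claims.get("roles", []))    # app-only: JSON array
    kind = "delegated" if delegated else "app-only" if app_only else "none"
    return {"kind": kind, "permissions": delegated or app_only,
            "aud": claims.get("aud")}

def check(jwt: str, required: str) -> str:
    info = token_permissions(jwt)
    if info["kind"] == "none":
        return "no scp or roles claim: no permission was granted or consented"
    if required not in info["permissions"]:
        return f"{info['kind']} token lacks {required}"
    return f"ok: {info['kind']} token carries {required}"

def make_sample(claims: dict) -> str:
    # Builds a constructed, unsigned token for offline demonstration.
    enc = lambda o: base64.urlsafe_b64encode(
        json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.constructed"

REQUIRED = "SecurityEvents.Read.All"  # assumption: permission the app needs
AUD = "https://graph.microsoft.com"
SAMPLES = {  # constructed payloads, not real tokens
    "no_consent": make_sample({"aud": AUD}),
    "delegated_wrong_scope": make_sample({"aud": AUD, "scp": "User.Read Sites.ReadWrite.All"}),
    "app_only_granted": make_sample({"aud": AUD, "roles": [REQUIRED]}),
}

if __name__ == "__main__":
    for name, tok in SAMPLES.items():
        print(f"{name}: {check(tok, REQUIRED)}")
```

A token with neither claim points to missing admin consent on the app registration, while a token with the wrong `scp` or `roles` values points to the wrong permission being requested.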