Dec 13 2023 08:13 PM
I first encountered this issue in a project using the .NET SDK, but has since replicated it with the graph explorer at https://developer.microsoft.com/en-us/graph/graph-explorer to verify that the issue is with the api.
After creating a subscription, I can see it appear on a get request to https://graph.microsoft.com/v1.0/subscriptions, no problem. When I try any query with the subscription ID in the URL though, I always get the same error:
{
"error": {
"code": "ExtensionError",
"message": "Operation: Read; Exception: [Status Code: Unauthorized; Reason: p#S256 doesn't match.]",
"innerError": {
"date": "2023-12-14T04:10:00",
"request-id": "ff9d5295-2dd5-40ca-91c7-4ec0cf871c8c",
"client-request-id": "2fb3723b-1858-5d41-e4bc-47589df481a0"
}
}
}
I've attempted Get, Patch, Post and Delete requests to both https://graph.microsoft.com/v1.0/subscriptions/<subscriptionId> and https://graph.microsoft.com/beta/subscriptions/<subscriptionId> , all requests giving the same error.
Dec 14 2023 03:03 AM
Dec 14 2023 04:29 AM - edited Dec 14 2023 09:31 AM
I'm encountering the same issue. Able to reproduce using Postman REST API calls and Graph .NET SDK.
Only creation (POST) and get ALL subscriptions (GET) works.
Update (PATCH), Deletion (DEL) and getting a specific subscription using Subscription ID (GET) fails with the same error.
Dec 14 2023 07:48 AM - edited Dec 14 2023 07:55 AM
Same here, we are encountering the same error when trying to delete subscriptions and more. We use Java SDK.
Dec 14 2023 03:30 PM - edited Dec 14 2023 03:30 PM
Same problem. Can list all subscriptions but as soon as I try to target a specific resource I get the above error. We experienced the issue in code (using the .Net SDK) and also in the MS Graph Explorer. Raised a ticket with MS will post here with any updates.
Dec 15 2023 05:53 AM
Dec 15 2023 10:11 AM
Dec 15 2023 10:49 AM - edited Dec 15 2023 10:50 AM
Based on what we have seen there are two IDs in play here. When you list all the subscriptions (e.g. doing a Get on the "https://graph.microsoft.com/v1.0/subscriptions" endpoint using the graph explorer ) you will see that, associated with each subscription, there is an "applicationId" and a "creatorId". The applicationID is the ClientId of your application (as registered in Azure) the "creatorId" corresponds to the Azure "ObjectID" (not ClientID) of the application or user that was used to create the subscription in the first place. I believe that this ObjectID is passed in the token given to GRaph. When targetting specific subscriptions the "ObjectID" passed in the token needs to match the "creatorId" otherwise you get the mismatch error mentioned.
Dec 15 2023 02:05 PM
Dec 15 2023 05:43 PM
Dec 17 2023 11:59 PM
Yes, quoting people from MS here-
Quick update to let you know the service team had mitigated the issue and the service should behave normally.
Working fine for me now.