MSGraph API call blocked by "CORS policy"
I'm integrating UI Integration Cards into SAP Work Zone, and I'm trying to show data from Microsoft Outlook by calling the Microsoft Graph API. The problem now is that I need to request the /authorize and /token endpoint from the Microsoft Identity Platform to authorize the user and receive an access token to make requests to the Microsoft Graph API. But when calling either endpoint, I get the error: "Access to fetch at '(requested URL)' from origin'(my URL) has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled." I also tried calling the API with the 'no-cors' mode in the fetch function, but I got an 400 (Bad Request) response. Is there a way to surpass getting blocked by the CORS policy? Maybe with some sort of "proxy" in Azure AD or so?
Weird result when using MS Graph for Access Review Owners
Greetings, I am trying to create an Azure Access Review which includes both members and owners for the review process, where the group owners are also the reviewer in said Access Review. Since there are over 500+ groups in our tenant, I am using Microsoft Graph to automate this using a powershell script. When I use the members value in the request body, everything works out fine, but when I use owners in the request body, I get a weird result which I was able to replicate using the MS Graph Explorer. As an exercise, I used the MS Graph explorer for the following: Best Case Scenario POST (beta): https://graph.microsoft.com/beta/identityGovernance/accessReviews/definitions Request Body: { "displayName": "Group Members Access Review", "descriptionForAdmins": "Reviews access to all group members in the organization", "reviewType": "AccessReview", "scope": { "query": "/groups/{group id}/members", "queryType": "MicrosoftGraph" } } Result is: The access review is successfully created in Azure. You can see it in the GUI on the web. ===================== Bad Case Scenario POST (beta): https://graph.microsoft.com/beta/identityGovernance/accessReviews/definitions Request Body: { "displayName": "Group Owners Access Review", "descriptionForAdmins": "Group owners in the organization", "reviewType": "AccessReview", "scope": { "query": "/groups/{group id}/owners", "queryType": "MicrosoftGraph" } } The result is: { "error": { "code": "", "message": "PartnerData | Partner Record with Id 00000000-0000-0000-0000-000000000000 not found in repository", "innerError": { "date": "2023-08-18T16:17:48", "request-id": "{request id auto-generated}", "client-request-id": "{client-request-id auto-generated}" } } } I don’t have this PartnerData in my tenant, but I get the feeling this is something from within Graph API maybe. All I want to do is create an access review that includes both group members and owners. Any ideas?Get all devices in a specific enrollmentProfile (iOS)
Hi Is there any way to count devices assigned to a enrollmentProfile? I can manually do this by going into the profile and hit the Export button and get a csv file. But is there a way to do it using graph or even PowerShell? So I just want to do a simple count on devices inside a specific enrollmentProfile. In each profile I can view all the assigned devices under "assigned devices" I can use an export function to get it in CSV, but I dont seem to find a way to do this using Graph or PowerShell https://docs.microsoft.com/en-us/mem/intune/enrollment/device-enrollment-program-enroll-ios#create-an-apple-enrollment-profile
Error when doing query for drives on Sharepoint using Microsoft Graph in C#
I have this line of code Running on an app registration with these permissions In a basic .NET Core 7 app with added Microsoft.Graph client configured like this Sometimes this finds a drive for a given folderName successfully and other times, for the exact same folder name, it throws a general exception. It returns exception: General exception while processing at Microsoft.Kiota.Http.HttpClientLibrary.HttpClientRequestAdapter.ThrowIfFailedResponse(HttpResponseMessage response, Dictionary`2 errorMapping, Activity activityForAttributes, CancellationToken cancellationToken) at Microsoft.Kiota.Http.HttpClientLibrary.HttpClientRequestAdapter.SendAsync[ModelType](RequestInformation requestInfo, ParsableFactory`1 factory, Dictionary`2 errorMapping, CancellationToken cancellationToken) at Microsoft.Kiota.Http.HttpClientLibrary.HttpClientRequestAdapter.SendAsync[ModelType](RequestInformation requestInfo, ParsableFactory`1 factory, Dictionary`2 errorMapping, CancellationToken cancellationToken) at Microsoft.Graph.Drives.Item.SearchWithQ.SearchWithQRequestBuilder.GetAsSearchWithQGetResponseAsync(Action`1 requestConfiguration, CancellationToken cancellationToken) What am I missing? Thanks in advance!Login failed while configuring Azure SQL connector
Hello All, I'm trying to play with the Microsoft Graph connectors and trying to set up my first conector. I decided to use the Microsoft Azure SQL connector and went through the guides in Microsoft Learn https://learn.microsoft.com/en-us/microsoftsearch/mssql-connector https://learn.microsoft.com/en-us/microsoftsearch/configure-connector I created an Azure SQL Server and Database, registered the app and even put the app user as admin, I create an external user using the SQL CREATE USER [app name] FROM EXTERNAL PROVIDER and exec sp_addrolemember 'db_datareader', [app name]' Using SQL managment studio I'm able to connect to the SQL but when I try to configure the connector in the admin center I'm stuck on the Database settings screen, after selecting the "Test Connection" button I got the error message: "Error from database server: Login failed for user ''. Incorrect or invalid token." Thanks, JonathanGET /v1.0/teams/{id}/channels returns HTTP 403 error
I met HTTP 403 error when invoking GET /v1.0/teams/{id}/channels request. The error message is: { "message":"Request is not allowed for externally authenticated users", "errorCode":"GuestAccessDenied" } I have granted the Channel.ReadBasic.All permission to Azure AD app and the access token has Channel.ReadBasic.All scope. The delegated user is a guest user, but the same request was successfully invoked in past. There are no change in Teams Admin settings and Azure AD settings. I want to know how to resolve the issue. Is it caused by any settings?
