-
Notifications
You must be signed in to change notification settings - Fork 227
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Accessing OneDrive doc of Personal Account or Only one user in Business account via API #1219
Comments
Thank you for your contribution to OneDrive API Docs. We will be triaging your incoming issue as soon as possible. |
Hi Team, Any quick look at this would be very appreciated. Thanks in advance. |
Hi Team, Please let me know if this possible. |
Hi Team, It's been a whole week and I don't have any reply, can anyone please have a look into it? |
Thanks for your patience. The "All" constraint potentially grants access to all users. For example, User.Read.All potentially grants the app privileges to read the profiles of all of the users in a directory. It sounds like delegated permissions is the way to go - have you looked into it? See also: permissions reference for Microsoft Graph Depending on your scenarios, this question might also be better answered in the Azure Active Directory forum. I've tagged it so our bot will provide a link to that forum. |
Thanks for your feedback. Since this question is about Azure Active Directory, could you please ask it here: https://stackoverflow.com/questions/tagged/azure-active-directory |
Hi @chackman Thanks a lot for answering, the problem is if I go with only the delegate permissions, it is giving below error while accessing OneDrive documents {
"error": {
"code": "AccessDenied",
"message": "Either scp or roles claim need to be present in the token.",
"innerError": {
"request-id": "c64dcb8a-c16e-43f7-8223-3cb5c11b994d",
"date": "2020-02-11T03:36:19"
}
}
} |
That likely means the user hasn't consented to the permissions your application requested, or you application hasn't requested any permissions. I would recommend making sure you have followed the process documented on the Microsoft Graph site for getting access on behalf of a user. |
I'll tag this item so our bot will provide a link to the Microsoft Graph forum. |
Thanks for your feedback. Since this question is about Microsoft Graph, could you please ask it here: https://stackoverflow.com/questions/tagged/microsoft-graph |
This issue has been automatically marked as stale because it has marked as requiring author feedback but has not had any activity for 10 days. It will be closed if no further activity occurs within 10 days of this comment. Thank you for your contributions to OneDrive API Docs! |
Category
Hi Team,
I am able to access OneDrive items of all the users in Office 365 business account using a free trial created from this link.
https://www.microsoft.com/en-in/microsoft-365/business/office-365-enterprise-e3-business-software?rtc=1&activetab=pivot%3aoverviewtab
However, in order to make it work I needed to give my application below permission, which eventually allows this app to access OneDrive items of all the users in this tenant because of these permissions.
Now, my requirement is to access OneDrive document of only one users from this tenant and block the application from accessing documents from other users, or access document of any personal account (@hotmail.com/@live.com).
Please let me know if there is any way or in case I am doing anything wrong with the application I registered.
Appreciate any help.
The text was updated successfully, but these errors were encountered: