Oauth2 IMAP: How to request consent for 'IMAP.AccessAsUser.All' permission for an app registered in Azure AD
I am trying to request consent for 'IMAP.AccessAsUser.All' permission from user, so that my app can access the user's inbox via OAuth2.
But when i request for permission I get the following error. See attached image.
The application asked for scope 'IMAP.AccessAsUser.All' that does not exist on resource.
Below is the url of the consent link. Could someone help with how I can get consent for this permission 'IMAP.AccessAsUser.All'
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?
client_id=b0eb0e00-ec46-4df8-a710-491468ed4f37
&response_type=code
&redirect_uri=https%3A%2F%2Fimap.mailboxsync.test.com%2Fredirect%2F
&response_mode=query
&scope=openid%20offline_access%20https%3A%2F%2Foutlook.office365.com%2FIMAP.AccessAsUser.All
&state=12345
Solution
I can reproduce your issue, you need to add the API permission as below.
Navigate to the Azure Active Directory -> App Registration in the portal, find your app.
Follow the screenshot below.
- Implementing SSO for Azure AD B2C
- Office 365 Exchange Online permission is not visible for registered application in azure active directory
- "error_description":"Exception of type 'Microsoft.IdentityModel.Tokens.AudienceUriValidationFailedException' was thrown."
- Azure AD client credentials generated token does not have claims (EDITED)
- Calling an ASP.NET Core Web API integrated to EntraId app from another .NET Core console app integrated to EntraId app fails
- Correlation failed in net.core / asp.net identity / openid connect
- Generating token for Fabric Rest api using client secret
- How do I display Job Title in my Next Auth app
- EntraId Authentication / Authorization via .NET & React
- Azure Function app down due to wrong routing template in http trigger binding of a functions
- How can I force trigger MFA, when logging into Azure?
- Azured AD JWT authentication doesn't work for Web API hosted in docker using TestContainer
- azp Claim Missing from Azure AD JWT
- Retrieve all Users from all Groups?
- Cannot get AAD auth token in Logic Apps
- Attempting to set DisableCustomAppAuthentication to false for Azure not working from Powershell
- Using Azure Entra Id I cant see `Office 365 Exchange Online` under `APIs my organization uses`
- New tenant b2clogin URL returns error with "removed or changed"
- Azure Entra ID tokens endpoint issues an expired token
- Azure AD B2C password expiration
- Trouble when creating PowerBI report via JavaScript Client Library
- Azure Active Directory Enterprise App OpenID and User Provisioning (SCIM)
- How to select specific app registration based on tenant ID in ASP.NET Core MVC with Microsoft Identity Platform?
- Airflow ERROR - Error authorizing OAuth access token: Invalid JSON Web Key Set. [The request to sign in was denied.]
- Systematic Way to Identify Through Azure UI Required "App Registration" API Permission
- How does Delegated OnlineMeetingRecording.Read.All work?
- How to enable SAML as authentication provider in MS Entra?
- Get domain\username from microsoft graph
- Unable to Add User to Resource Group: Authorization_RequestDenied Error
- Login with Microsoft External Account -Issue when the user cancels the consent prompt during authentication