microsoft-graph-client throws '#<GraphError>' error on API call
I would like to consume the Graph API from my Node backend. First I get an access token from adal-node by calling the acquireTokenWithClientCredentials method. So my token response would be
I install the @microsoft/microsoft-graph-client package and tried to follow the guide from here https://github.com/microsoftgraph/msgraph-sdk-javascript/blob/dev/samples/node/main.js . For the isomorphic-fetch import I installed the isomorphic-fetch package.
async function bootstrap() {
// ...
const session: TokenResponse = await authenticationService.getSession(); // call the 'acquireTokenWithClientCredentials' function
const client: Client = Client.init({
authProvider: (done) => {
done(null, session.accessToken);
},
});
try {
await client.api('/me').get();
} catch (error) {
throw error;
}
}
The API call throws an exception. But I can't figure out what's wrong because the error only logs
(node:20561) UnhandledPromiseRejectionWarning: #<GraphError>
What is wrong or missing? Please let me know if you need more information. But I hope that my description should be enough for reproduction :) Thanks in advance.
Update
The application does not sign in as a user and should run as a background service. So maybe I can't access /me because the application is not a user. But when I update /me to /users (this endpoint should work) then I still get the same error.
So my current access token when accessing /users is
You can not use Client credential flow to get access token for /me endpoint. You should use auth code flow(acquireTokenWithAuthorizationCode) instead. Then you can call /me for the signed-in user.
If you must use client credential flow, you should call /users/{id | userPrincipalName} for a specific user.
Besides, if you want to call Microsoft Graph API, the value of resource which you used to get access token should be https://graph.microsoft.com.
var resource = 'https://graph.microsoft.com';
- Get all user properties from Microsoft graph
- ASP.NET Azure AD / Entra Authentication - App roles in token, but not being assigned to principal
- How to do azure single sign on with next.js 14 and App Router
- Azure ClientCertificateCredential - Using SNI
- Entra ID Schema Extension with custom Namespace
- MSAL Node service & The Partner Center API
- KeyCloak Integration with Azure B2C UserName Mapping Issue
- Generate token fails for Azure app which is both client and API (client credentials workflow)
- Authenticating to Sharepoint Online Site via React SPA in MS Teams personal Tab
- Login failed for user '<token-identified principal>' while authorizing to SQL Server via Service Principal from AAD group assigned
- MSAL library fails to parse token in Chromium based browsers
- Office 365 Exchange Online permission is not visible for registered application in azure active directory
- Azure B2C IdP-Access Token fails with IDX10511: Signature validation failed
- EntraID: how to pass application roles downstream
- During signIn receiving B2C error code ‘AADB2C99059’
- How can I read local MS Teams status
- How to find the tenant where a multi-tenant AAD application was registered
- Azure AD permissions for MS Forms
- ASP.NET Core app running on IIS gives Http Error 401.2-Unauthorize
- Azure Active Directory skip account selection on logout
- Azure active directory - Get access token using Azure CLI
- Azure B2C / WPF - Handling a failed MFA verification flow
- How do I display Job Title in my Next Auth app
- Login failed for user identified principal
- What does "grant admin consent" button do in azure Azure Active Directory application?
- Azure AD Graph API or Powershell Graph: Gathering all the assigned roles that are associated to a group
- Azure AD user unable to connect to Azure SQL Error: 18456,State:1,Class:14
- Is there a way to add the sam_account_name of a user in the id_token claims?
- No users to select from the list in Azure Role assignments using Resource Group Owner
- Azure pipelines cannot connect to Azure SQL via AD/Entra using a custom console application