Create new OneNote notebook Bad request
I want to create a new OneNote notebook using Graph api.
I am following this document, https://learn.microsoft.com/en-us/graph/api/onenote-post-notebooks?view=graph-rest-1.0&tabs=http
Using Graph Explorer, I created it without loss but I want to achieve the same from different environment (Ex: Postman)
I got token with client_credentials flow but when I call query stuck with error like
"error": { "code" : "BadRequest", "message": "/me request is only valid with delegated authentication flow. ", }
I have Notes.ReadWrite.All permission granted to my Azure application.
I cannot use Delegated authentication flow in my scenario. How to proceed further? Why can't I use /me in request? Please help
TIA
I tried to reproduce the same in my environment via Postman and got the below results:
In my Azure AD application, I granted API permissions like below:
I got the access token using client credentials with parameters like below:
POST https://login.microsoftonline.com/<TenantID>/oauth2/v2.0/token
client_id:my_appID
grant_type:client_credentials
scope:https://graph.microsoft.com/.default
client_secret:my_client_secret
Response:
When I tried to create a notebook with above token, I got same error as below:
POST https://graph.microsoft.com/v1.0/me/onenote/notebooks
Content-type: application/json
{
"displayName": "My Test notebook"
}
Response:
Please note that, client credentials flow doesn't require signed-in user (no user interaction) and generates token on behalf of all users in application.
When you use /me in the request, it could not identify that specific user among all users. So, we cannot use /me endpoint with client credentials flow.
To resolve the error, you need to use delegated authentication flows like Authorization code flow, ROPC flow etc... that require user to sign in.
As you cannot use Delegated authentication flow in your scenario, you can try below query by replacing /me with /users/userID:
POST https://graph.microsoft.com/v1.0/users/<User_ObjectID>/onenote/notebooks
Content-type: application/json
{
"displayName": "My Test notebook"
}
Using the above query, I created new notebook successfully.
- AADSTS50012: Invalid client secret is provided when moving from a Test App to Production
- InefficientFilter error on Microsoft Graph requests which were previously working
- IDX10511: Signature validation failed. Keys tried: 'Microsoft.IdentityModel.Tokens.X509SecurityKey
- Graph API: Either scp or roles claim need to be present in the token
- How do I authorize a Python script to upload to SharePoint Online?
- Add claims into token Azure B2C
- Looking for a Microsoft Graph API that can update device ownership of a deivce
- How to get users info list from Azure AD app by calling Microsoft Graph API from ASP.NET Core Web API?
- "Need admin approval" error when using "Sites.Selected" delegated permission for SharePoint document download
- Is it possible to use Bearer Access Token to Authenticate against our tenants SharePoint to allow a daemon to upload files to document library?
- How to get client secret expiry date using the azure AD graph API
- Graph API - Insufficient privileges to complete the operation
- Issue in sending personal message in MS Teams with Graph API
- Get the email address of a Microsoft user
- What does "grant admin consent" button do in azure Azure Active Directory application?
- Unable to Retrieve Online Meetings Data Using Microsoft Graph API
- "AADSTS900144: The request body must contain the following parameter: 'grant_type'.?
- Issue with move folder API in Microsoft Graph when Email ID contains "/"
- How to remove proxyaddresses from B2C user?
- Azure AD B2C - Sign out a user from all sessions
- C# CS1061 Error with '.Request' (Trying to update users in an Azure AD B2C through external app)
- Query Azure Resource Graph and get a list of all the application registration that contains "test"
- Updating web redirect uri of Azure AD app registration
- Using Azure AD Graph REST API to reset users password (on behalf)
- How to replace static array data with from api request in Angular?
- Microsoft Graph Api GET request can't deserialize JSON obect when calling Applications
- How to get all role assignments for a target application using Microsoft Graph?
- How to fetch authentication methods or MFA phone number of azure ad b2c users using MS graph API
- How to return sign in activity for specific multiple users in office365 using Microsoft graph Api with powershell
- Microsoft Graph Subscription Limitations