node.js azure microsoft-graph-api

The tenant for tenant guid does not exist. Microsoft Graph API with Nodejs


I want to read email messages from a given email account dynamically, but I encountered the error message: "The tenant for tenant guid does not exist". How can I resolve this issue?

error message

"error": {
   "code": "OrganizationFromTenantGuidNotFound",
   "message": "The tenant for tenant guid '24f192b9-85d3-4710-859a-d0806xxxxxxx' does not exist.",
   "innerError": {
   "oAuthEventOperationId": "8de2a75d-8df8-4a92-935e-660d3a102c5f",
   "oAuthEventcV": "X3bGiYtMYExtlEcJ5dVwWg.1.1",
    "errorUrl": "https://aka.ms/autherrors#error-InvalidTenant",
        "requestId": "042ee1f5-40d0-4936-ae12-79b9bb7bcf23",
        "date": "2024-12-19T08:56:58"
       }
   }

auth.js

import * as msal from "@azure/msal-node";

// Every setting below comes from the environment. A variable that is unset is
// interpolated as the literal text "undefined", so confirm all five are present
// before starting the process.
const { CLIENT_ID, CLIENT_SECRET, AAD_ENDPOINT, TENANT_ID, GRAPH_ENDPOINT } =
  process.env;

// MSAL confidential-client settings. The authority is the sign-in endpoint
// joined to the tenant ID with a single "/".
// CLIENT_SECRET is a credential: provide it through the environment or a secret
// store, and never print this object.
const msalConfig = {
  auth: {
    clientId: CLIENT_ID,
    authority: `${AAD_ENDPOINT}/${TENANT_ID}`,
    clientSecret: CLIENT_SECRET,
  },
};

// "/.default" asks for the application permissions already granted to the app
// registration rather than naming individual scopes.
const tokenRequest = {
  scopes: [`${GRAPH_ENDPOINT}/.default`],
};

// Base URL of the Graph v1.0 users collection; callers append "/<user>/...".
const apiConfig = {
  uri: `${GRAPH_ENDPOINT}/v1.0/users`,
};

// Single shared confidential client for the module.
const cca = new msal.ConfidentialClientApplication(msalConfig);

/**
 * Requests an app-only access token using the client-credentials grant.
 *
 * The request object is handed to MSAL unchanged and MSAL's result is returned
 * unchanged. The result carries a bearer token (`accessToken`), so treat it as
 * a secret and keep it out of logs.
 *
 * @param {object} tokenRequest - Options for MSAL, e.g. `{ scopes: [...] }`.
 * @returns {Promise<object>} The authentication result produced by MSAL.
 */
async function getToken(tokenRequest) {
  const authResult = await cca.acquireTokenByClientCredential(tokenRequest);
  return authResult;
}

// Public surface of auth.js: the Graph endpoint config, the default token
// request, and the token helper.
export default {
  apiConfig,
  tokenRequest,
  getToken,
};

read email code

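/**
 * GET / — fetches the messages of the mailbox named in the request body from
 * Microsoft Graph with an app-only token and relays Graph's JSON to the caller.
 *
 * NOTE(review): no authentication or authorization middleware is visible in
 * this snippet. The token used here is app-only, so the mailbox is chosen
 * entirely by the caller-supplied `email`; confirm that the route is protected
 * and that the caller is entitled to the mailbox it names.
 */
export default router.get("/", async (req, res) => {
  try {
    // req.body can be undefined on a GET when no body parser ran.
    const { email } = req.body ?? {};

    // The mailbox identifier is caller-controlled: accept only a non-empty string.
    // RESPONSE.UNKNOWN_ERROR is the only failure code visible in this snippet;
    // use the project's client-error code here if one exists.
    if (typeof email !== "string" || email === "") {
      return send(res, RESPONSE.UNKNOWN_ERROR);
    }

    const token = await emailAuth.getToken(emailAuth.tokenRequest);

    // Encode the value as a single path segment so characters such as "/", "?"
    // or "#" cannot point the request at a different Graph resource.
    const url = `${emailAuth.apiConfig.uri}/${encodeURIComponent(email)}/messages`;

    const graphResponse = await fetch(url, {
      method: "GET",
      headers: {
        Authorization: `Bearer ${token.accessToken}`,
      },
    });
    const payload = await graphResponse.json();

    // A Graph error body must not be reported as SUCCESS. Record only the
    // status and Graph's error code/message; mailbox contents and the bearer
    // token are never written to the log.
    if (!graphResponse.ok) {
      console.log(
        `Graph request failed: ${graphResponse.status} ${payload?.error?.code} ${payload?.error?.message}`
      );
      return send(res, RESPONSE.UNKNOWN_ERROR);
    }

    return send(res, RESPONSE.SUCCESS, payload);
  } catch (err) {
    console.log(err);
    return send(res, RESPONSE.UNKNOWN_ERROR);
  }
});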

I have completed the app registration in Azure.

Here are my API permissions enter image description here

Authentication enter image description here

I need to read the email messages of the user with a given email address, e.g. test@outlook.com


Solution

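  • Note: To read mail from a personal Outlook account, you need a delegated (interactive user sign-in) flow to generate the access token, and you must call the /me/messages endpoint. The client-credentials flow in the question issues an app-only token for an organizational tenant, and app-only access is not available for personal Microsoft account mailboxes.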

    Register Microsoft Entra ID application by selecting "Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)":

    enter image description here

    Make sure to grant Mail.Read or Mail.ReadWrite permission of Delegated type:

    enter image description here

    Use this GitHub sample to generate the access token.

    Add redirect URL as http://localhost:3000/redirect under Mobile and desktop applications platform:

    enter image description here

    Also, set "Allow public client flows" to "Yes" and save:

    enter image description here

    Generate the access token:

    Make sure to pass scope as Mail.read

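    // Redirect endpoint: receives the authorization code from the sign-in page
    // and redeems it for tokens.
    app.get('/redirect', async (req, res) => {
        // The redirect carries the auth code in the query string. It is absent
        // when sign-in or consent failed, and is not a string if the parameter
        // was repeated.
        const { code } = req.query;
        if (typeof code !== 'string' || code === '') {
            res.status(400).send('Missing authorization code');
            return;
        }

        // NOTE(review): the step that builds the authorization URL is not shown
        // here. If it sets a `state` value, compare it with req.query.state
        // before redeeming the code.
        const tokenRequest = {
            code,
            scopes: ["Mail.read"],
            redirectUri: "http://localhost:3000/redirect",
        };

        try {
            // Pass the auth code, scopes and redirectUri to acquireTokenByCode
            const response = await clientApplication.acquireTokenByCode(tokenRequest);
            // The response contains the access token. Printing it is only for
            // this local walkthrough; do not log tokens in deployed code.
            console.log("\nResponse: \n:", response);
            res.sendStatus(200);
        } catch (error) {
            // Keep the detailed MSAL error in the server log and return a
            // generic message, so internal details are not sent to the browser.
            console.log(error);
            res.status(500).send('Token acquisition failed');
        }
    });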
    

    Now use the access token from the response above to call the /me/messages endpoint:

    GET https://graph.microsoft.com/v1.0/me/messages
    

    enter image description here

    Reference:

    microsoft-authentication-library-for-js/lib/msal-node/docs/request.md at dev · AzureAD/microsoft-authentication-library-for-js