0

I have been struggling with this problem for 2 days.

I am currently trying to build a web application which is able to revoke the MS Graph Api to fetch the current user's email messages.

Firstly I have register an AD and a application within it, and follow the instructions setup the permissions.

Now I have achieved obtaining the access token by utilising the ADAL.js library. The access token is in the jwt format, and when I check it via jwt.ms, it seems like have all the permissions I need:

"scp": "Mail.Read Mail.ReadWrite profile User.Read User.Read.All User.ReadBasic.All User.ReadWrite User.ReadWrite.All"

And then when I tried to used the access token to call the graph api:

GET "https://graph.microsoft.com/v1.0/me"

It worked and return my profile details.

But when I used the token to call: GET "https://graph.microsoft.com/v1.0/me/mailFolders/"

It returns 401 Unauthorised error:

code: "OrganizationFromTenantGuidNotFound"
message: "The tenant for tenant guid <my tenant id> does not exist.

I tried using both the JavaScript Fetch and also PostMan to try the api, same error returned.

Can anybody give a hand on this, I will very much appreciate it!

Thank you

Haoge Deng
  • 1

1 Answers1

0

It seems the issue was caused by the tenant and the account. When you request the graph api, the me in your api may represent the account which is not in your AD or is a personal account. You need a Microsoft office 365 account with subscription. Here are two posts(post1 and post2) which related to your issue for your reference.

You need to check the account and the application, if still can't solve the issue, I think you can raise a support ticket on Azure portal by following this link.

Hury Shen
  • 14,948
  • 1
  • 9
  • 18