Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
497 views
in Technique[技术] by (71.8m points)

azure active directory - How To Generate A Token For Delegated Permissions (Microsoft Graph)

I want to send messages to a team's channel. So far, I've been able to create teams, create users among various other operations successfully, the token I generated works just fine. Sending messages to a channel however only works with delegated permissions and the request to send a message fails with error code 401.

login.microsoftonline.com/tenant_id/oauth2/v2.0/token is the end point I'm using the default scope i.e. graph.microsoft.com/.default which informs the Microsoft Identity platform of Application Permissions of the App only, how do I modify the POST request to generate a token to honor delegated permissions for the App and send messages to the channel ?

In other words, I would like to know how to generate a token when making use of a Graph API that only supports delegated permissions ?


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

What @Dev said in the comments is correct, you can send messages to a team channel using delegated permissions only. So, you must grant delegated permissions to the application, and then grant admin consent for that permission.

As for the 401 error you received, I think you may have used the wrong authentication flow. When you use delegated permissions to obtain a token, you should use the auth code flow, which requires you to log in to the user to obtain the authorization code, and then use the authorization code is redeemed for the access token.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...