Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Access Token missing or malformed when calling Graph API

Tags:

active-directory

azure

Following this guide: https://azure.microsoft.com/en-us/documentation/articles/resource-manager-api-authentication/#_get-objectid-of-application-service-principal-in-user-azure-ad

I've reached the stage where I call graph.windows.net to Get the ObjectId of the service principal in user Azure AD.

When I do the call, however, I'm getting the following message:

{"odata.error":{"code":"Authentication_MissingOrMalformed","message":{"lang":"en","value":"Access Token missing or malformed."},"values":null}}

I've already tried replacing the clientId with the 'onmicrosoft.com' address too (so graph.windows.net/appname.onmicrosoft.com/...), still got the same message.

like image 455
Asaf Avatar asked Sep 06 '16 17:09

Asaf

People also ask

Why is my access token not working in Microsoft Graph?

Make sure that your application is presenting a valid access token to Microsoft Graph as part of the request. This error often means that the access token may be missing in the HTTP authenticate request header or that the token is invalid or has expired.

How do I troubleshoot missing authentication token errors in API gateway?

API Gateway REST API endpoints return Missing Authentication Token errors for two reasons: The API request is made to a method or resource that doesn't exist. The API request isn't signed when the API method has AWS Identity and Access Management (IAM) authentication turned on. To troubleshoot the error, do the following.

Does the Azure graph token work with other Azure Services?

The token that is acquired will work for other Azure Services like webapps, compute, ResourceManager, etc. but not for Graph. You could test it with Azue AD graph explorer, then it will work for you.

Why is my Azure AD graph API not working?

A common mistake that causes in this error is trying to use a token acquired for Azure AD Graph APIs, Outlook APIs, or SharePoint/OneDrive APIs to call Microsoft Graph (or vice versa). Ensure that the resource (or scope) your app is acquiring a token for matches the API that the app is calling.

1 Answers

To extend on my comment, we have seen this when the app secret contains characters that need encoding. Such as "+" and "="

enter image description here

If you are not using some of the client helpers available or are testing with Fiddler or Postman you will need to URL encode the secret before calling the graph api, so it looks it becomes:

"7hIkYG5m7xJQnocThxMc4yPjtbRP7bO41aNC%2bbrEzvo%3d"

like image 161
jimpaine Avatar answered Oct 17 '22 08:10

jimpaine
Sign in to Comment

Related questions

How to debug 500 error from Azure API Management call?
Set File Name while downloading via blob in Angular 5
How to get connection string to existing servicebus without old azure portal
How to specify .net core version with Terraform azurerm_app_service
Azure-hosted ASP.NET MVC site drops client cache-related HTTP headers
Moving a DocumentDB Collection to Azure Data Lake Storage
Azure CDN + Asp.net MVC Cloud Service compression for bundles not working
How does azure websites with EF migrations ensure integrity when updating
Open excel/word document from ASP.NET in Office Web Apps to edit?
Azure Web App: HTTP Error 500 on favicon.ico
Azure Socket Leaks?
Using Adal for accessing the Azure KeyVault on behalf of a user
How to use nested TransactionScopes against an Azure SQL Database
ASP.Net when trying to read xml file, "An operation was attempted on a nonexistent network connection"
pymssql and Adaptive Server connection failed

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!