I have a python script that successfully makes a number of Graph API calls to retreive various Teams details, like subscribing to chats, getting the meeting url from the chat etc.
There is a step in the flow of API calls I need to make that is consistently giving a 403 forbidden error.
The API Endpoint I am trying to hit is GET /v1.0/users/onlinemeeting/joinweburl
Here is my python code that gets a token and executes the request:
def get_token2():
# Get the token
conn = http.client.HTTPSConnection("login.microsoftonline.com")
payload = urllib.parse.urlencode({
'client_id': 'REDACTED',
'scope': 'https://graph.microsoft.com/.default',
'client_secret': 'REDACTED',
'grant_type': 'client_credentials'
})
headers = { 'Content-Type': 'application/x-www-form-urlencoded' }
conn.request("POST", "/REDACTED/oauth2/v2.0/token", payload, headers)
res = conn.getresponse()
data = res.read()
token2 = json.loads(data.decode("utf-8"))['access_token']
return token2
def get_online_meetings(joinWebUrl, token2):
print(f"joinWebUrl for the second API call: {joinWebUrl}")
url = f"https://graph.microsoft.com/v1.0/users/REDACTED/onlineMeetings?$filter=JoinWebUrl%20eq%20'{joinWebUrl}'"
req = urllib.request.Request(url)
req.add_header('Authorization', f'Bearer {token2}')
try:
with urllib.request.urlopen(req) as response:
data = response.read()
json_data = json.loads(data)
print("Meeting ID: ", json_data["value"][0]["id"])
except urllib.error.HTTPError as err:
print(f"HTTP error occurred: {err}")
except urllib.error.URLError as err:
print(f"URL error occurred: {err}")
except Exception as e:
print(f"An error occurred: {e}")
def main():
chat_id = input("Enter chat ID: ")
token = get_token() # Retrieve the token
joinWebUrl = get_chat(chat_id, token)
new_token = get_token2() # Retrieve a new token
print(new_token)
get_online_meetings(joinWebUrl, new_token)
if __name__ == "__main__":
main()
I have verified that the registered app I am using has the appropriate permissions at the application, not delegate level. Verified here by checking token2 in jwt
I feel as if I have tried everything
An additional interesting point, is that I even get a 403 when making this call with the me endpoint (user delegated authentication) and I am running as the Azure and Teams owner account.
Background on Code
I did not include my full python code, but it is a simple script just for testing out APIs that:
- gets a token
- gets chat entity from chat ID (user manually types in)
- gets a new token
- uses joinWebURL from step 2 to get organizer ID (this is the API call that fails)
Has anyone ever encountered this issue where a 403 is given even though the application has all of the required permissions and Admin Consent granted?
from 403 Error on Microsoft Graph API - Retrieve an online meeting by joinWebUrl
No comments:
Post a Comment