Hi,

I got an error "unsupported_response_type". I already put the appId and appSecret on the Web.config. When the "Sign in with Microsoft" clicked, it redirected to Microsoft login page https://login.microsoftonline.com/common/oauth2/v2.0/. However, after e-mail field was filled, it redirected to the app home page with unsupported_response_type error. As suggested by other source, I already tried to add "/signin-microsoft" on the redirect URL, but doesn't work.

Thank you very much.

Load the project in visual studio, run, login, close the browser and reopen it. I am prompted to log in again.

I have a working web app in Azure and I would like it to be able to make Graph API calls.

I followed the instructions at https://github.com/microsoftgraph/aspnet-connect-rest-sample#build-and-run-the-sample and got the site running on localhost. However when I click the "Get email address" button, the sign-in fails and I'm redirected to the error page with this message: "AADSTS70001: Application '<my app's client id>' is not supported for this API version."

In Startup.Auth.cs I can see the AuthorizationCodeReceived handler being called. The cca.AcquireTokenByAuthorizationCodeAsync call throws a MsalServiceException which is caught and then handled by the AuthenticationFailed handler.

I suppose something is misconfigured in my web app, but I have no idea what it could be. Which "API version" is the message referring to? Is it the authentication API or the graph API? How do I determine which API version IS supported and how to call it?

Thanks,
:-DK

When I build and run the example, I get the following error in my browser:

I followed the instructions in the Readme. When I click the sign in link, it asks me to sign in but when I get to the home page, my userID is not listed in the nav bar. When I debug, It tells me that the Request.IsAuthenticated is false.

Any suggestions?

Hi,

Is there a VB.Net version of this somehwere?

Thanks in advance.

Why would sending to myself at my onmicrosoft.com email address work, but sending to my GMail address gets rejected as "spam abuse detected"? When I use Office 365 Outlook to send to my GMail account, it goes through with no problem.

Using this sample code I am trying to retrieve my planner tasks but I am getting the 403 forbidden error. I have checked all the permissions and have added the required permissions in application registration page and web config.
Is it a problem because I am using Beta version or should I give some additional permissions inside the code apart from ida:GraphScopes in web config.

Hello, I'm trying this example out to connect to my Azure AD App Registered account. I already have the necessary permissions granted by the administrator.

1. When I try this example right out of the box I get the error: "Application ... is not supported over the /common or /consumers endpoints. Please use the /organizations or tenant-specific endpoint."
2. So, to get around this I added the AADInstance value to the ConfidentialClientApplication constructor (2nd argument for Authority) that then gets me to the next error: "Message=AADSTS65001: The user or administrator has not consented to use the application with ID '...' named '...ToolSuite.Debug'. Send an interactive authorization request for this user and resource."

So, I understand that the user needs to consent to the usage but how do I do that through the code? I've read about using the parameter: "?prompt=admin_consent" but where do I put that? I've tried putting it on the Authority parameter but see that it get truncated before making the AcquireToken… call. How do I proceed?

Also, is the correct way to get access to Azure AD and Microsoft Graph API. I'm trying to get a list of the Azure AD Groups that the User belongs to. I see the GUIDs that return for the signed in user but that is all the information I get. Trying to get more information about the Groups. Thanks for you help.

The application works while in localhost - thank you for the notes and start with Microsoft Graph.
My next issue is getting this on Azure Web Application; of course, there are questions about this like the registration process, scope and authorization of the web application to the API. Can we add a "walkthrough" adding this application to Azure. I ask the question here because this is the only sample I've been able to get to work with Microsoft Graph on the localhost - so I want to publish it to Azure and see if I can get it to work there as an Azure Web Application. Thank you, Tim:

On a default installation of Visual Studio and NuGet, packages are downloaded to the CxCache folder. However, the csproj file in this repository references packages in a ..\packages folder. If you try to build this on a machine where you haven't redirected NuGet packages, you'll get an error:

This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is ..\packages\Microsoft.Net.Compilers.1.0.0\build\Microsoft.Net.Compilers.props.

You can fix this by adding a Nuget.config file in the root that will ensure that for this solution packages are always downloaded into the ..\packages directory.

I added a method to get the files from the root - and it returns an empty list. The same call in the Microsoft Graph Connect example site returns the full list of files.

public async Task GetFilesList(string accessToken)
{
string result = string.Empty;
string endpoint = "https://graph.microsoft.com/v1.0/me/drive/root/children";
string queryParameter = "";
using (var client = new HttpClient())
{
using (var request = new HttpRequestMessage(HttpMethod.Get, endpoint + queryParameter))
{
request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

                // This header has been added to identify our sample in the Microsoft Graph service. If extracting this code for your project please remove.
                request.Headers.Add("SampleID", "aspnet-connect-rest-sample");
                using (HttpResponseMessage response = await client.SendAsync(request))
                {
                    if (response.StatusCode == HttpStatusCode.OK)
                    {
                        result = await response.Content.ReadAsStringAsync();
                    }
                    return result;
                }
            }
        }
    }

the code error in azure China

I downloaded this sample code, registered it as an application in Azure Active Directory, gave it the required permissions - 'Sign in and read user profile' and 'Send mail as a user', and configured web.config with 'ClientID' and 'ClientSecret'. The application allows me to connect with Office 365, but returns "Forbidden" when I attempt to send email.

Using the VS2015 debugger I captured the AccessToken that I receive upon login, and decoded it with http://jwt.calebb.net/. It says the token provides "User.Read" permissions, and that's all.

Any thoughts on why I am not getting the permissions that I configured in AAD?

Hi,
how to make this application work with the multi tenant. I selected the Multitenant option in manage azure portal for this app, just as try but that did not worked. there are other sample application which demo about multi-tenant but i could not understood it properly..

how to make this app multitenant

This happens sometimes, not all the time though.
When I run F5 with chrome and login and stop debugging and start again, sometimes the authentication is not successful. what I would like to see in the source code is a way to redirect the user to the login page instead so that I can eventually receive the accesstoken. Also I would like to see the code sample where something is done to the application so that the accesstoken stays alive while running. Curenlty it expires within an hour or so.

Any chance that you can make an example on how to connect and query Graph using .Net Core?

I haven't had much luck on converting these samples from MVC to .Net Core.

Using this sample code I am trying to retrieve my Inbox top 10 mail but I am getting the 401 Unauthorized error. I have added "Mail.Read" permission for Delegated Permissions and Application Permissions in registaration page and in web config I added "Mail.Read" in GraphScopes.
"Send Mail" and "Get Email Address" works fine with me , but not able to read Inbox mails.
Can anybody help me in this ?

Hi
I deployed the application and all looks fine except whatever I do I don't get any alerts.
I noticed that it generates the Graph call so I tried to execute that directly on the graph explorer which also didn't return anything. However, when I tried to do it on the V2/Beta, it returned some info. So my question, why does the application shows the v1.0 query instead of the V2.0?

PS: Do I need to enter a fully qualified domain name?

Thanks

Jan

PS: I removed the username and the tenant id from the PNG file

I have downloaded the solution and simply try rebuilding it. I have ended up with 44 errors. If your experience is different, please let me know.