I am able to get the Email Address form active directory. When i am trying send the mail to recipient it is throwing ServiceException.
Code: ResourceNotFound
Message: Resource could not be discovered.

Inner error null
Method:
await graphService.SendEmail(graphClient, message);

Are there any examples on how to integrate this with an on-prem Exchange installation with EWS

My assumption, which may be correct, that this should also support that model.

I am trying to create a B2B Management portal. But for some reason this sample does not let me sign in with any email adress. For example [email protected] does not work. Following error after sign-in:

AADSTS50020: User account '[email protected]' from external identity provider 'live.com' is not supported for api version '2.0'. Microsoft account pass-thru users and guests are not supported by the tenant-independent endpoint. Trace ID: 2ad8bee0-d00a-4896-9907-b5271a113300 Correlation ID: 0ea84617-4aa1-4830-859f-6f418252765e Timestamp: 2017-10-03 15:35:22Z

I changed the authority to only allow users from my tenant (requirement):
https://login.microsoftonline.com/tenant.onmicrosoft.com/v2.0

This is the only change I made. Using "common" will not work since that lets anyone in.

Dear Team

Firstly, I'd like to thank you for the great guide.

How to reproduce:

1. Instead of registering the app in the link provided - I registered the app in the Azure Portal. I made a Key and made that my app secret. I also changed the manifest to allow multi tenant log in.
2. All the rest I followed like in the guide.

I'm trying to learn how to use the Microsoft Graph API in order to manage users on multiple azure subscriptions. I'll be developing a small ASP.NET web application which will help me have a better sight on things.

Below is a screenshot of the error:

Thank you in advance

how to reproduce

1. I have setup a new application https://developer.microsoft.com/en-us/graph/quick-start?appID=[APP_ID]&appName=My%20ASP.NET%20App&redirectUrl=http://localhost:55065&platform=option-dotnet
2. I have downloaded, unzipped and built the "aspnet-connect-sample-master.zip"
3. I run the app
4. I fill my credentials
5. I hit 'send'

output

1. "Success your email is sent " - see the screenshot
2. on VS2017: Exception thrown: 'Microsoft.Graph.ServiceException' in mscorlib.dll

screenshot

Hi, I have tried to alter some of your and a lot of others code samples to be able to get back a list of group displayName's the user is a member of, but with no luck.

I know this is not a part of your sample application but still i need to ask you for guidance to get user group membership. I have tried since Build Conference to find out a way to get a list of Group names the user is member of and this sample has been one of the few found that is working querying the Graph API's. Hope you could share some solution or point me in the right direction

Just altering the endpoint in, for instance a copy of, the GetMyEmailAdress() function with

string endpoint = "https://graph.microsoft.com/v1.0/me/memberOf";
string queryParameter = "?$select=displayName";
and added Group.Read.All in the application settings in the Application Registration Portal.

does not do the trick!

the responce is instead of a successfull one
"
{StatusCode: 403, ReasonPhrase: 'Forbidden', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
Transfer-Encoding: chunked
request-id: {Erased by me}
client-request-id: {Erased by me}
x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"West Europe","Slice":"SliceB","ScaleUnit":"000","Host":"AGSFE_IN_6","ADSiteName":"AMS"}}
Duration: 93.3856
Cache-Control: private
Date: Sun, 22 Oct 2017 14:49:59 GMT
Content-Type: application/json
}}
"
and the responce.IsSuccessStatusCode = false.

I expected to get some Json back, since this string works perfectly in Graph Explorer
https://graph.microsoft.com/v1.0/me/memberOf?$select=displayName

Any clarification on this matter would be appreciated
Best Regards
/Patrik

I have integrated this example into my application and have followed the code line by line and everything seems to be equivalent however, in the example app you put the email into the ViewBag using the following code

ViewBag.Email = await graphService.GetMyEmailAddress(graphClient);

in my application I am using the following:

String email = graphService.GetMyEmailAddress(graphClient).Result;

but the callout to the service endpoint never happens and this code never resumes - it is like it just ends abruptly (thread abort)

I am fairly new to the async / await pattern so I am assuming it has something to do with this - but based on my reading this should work

What am I doing wrong?

Thanks in advance.

No matter what i sign in with, the global admin or the user, it is throwing into the error page with error:
Unauthorized_client

I've implemented this code exactly as provided and am successfully authenticating against Azure Active Directory. I'm able to access the claims of the logged in user and see no issues there.

However, I'm getting an object reference exception when trying to use Graph in the SessionTokenCache.cs file where the httpContext.Session is null.

Why would this be? My web.config already contains runAllManagedModulesForAllRequests="true" in the modules section. I'm lost.

Hello,

I'm having issues trying to get this sample to work.
I can login with my microsoft account, but when I click on "Get email address", I get a resource not found message.
The url the app is trying to call is /Home/GetMyEmailAddress.

Moreover, when I first tried to build the project, there was an error saying that "SDK Helper was not found", so I found a SDK Helper file somewhere else but the AccountController.cs file needed the SignOutClient() function to work properly. I just commented this line to test the other features without testing the signing out, but it would be nice to figure out how to get this to work.

Thanks

I got stuck on login screen. Even after log in, when I press get email, I get redirected to login screen again, and it loops few times before I receive error in app:

Microsoft Graph Connect sample for ASP.NET 4.6
An error occurred while processing your request.
unsupported_response_type

The documented steps under "Register the application" could not be followed through with success. At step 3, clicking on the ONLY active button, 'Edit in the Azure Portal', takes me to Azure portal for the newly created application (under Azure Active Directory), which is fine. There I could generate a key (and record the secret), but nowhere I could find UI controls/links/buttons to do steps 6-8 (Platform, Allow Implicit Flow).

Without that (and I did manually grant Microsoft Graph API explicit rights for app and user), the application simply returned 'unauthorized_client' after going through 'Sign in with Microsoft'.

We have registered 2 different app one for development and one for production. We use only the authentication and send mail functionality.
In my test application I have some trouble in logon (we have received some "response_type 'token' is not supported for the application" and "unsupported_response_type".
Like explained in this article
https://docs.microsoft.com/en-gb/azure/active-directory/develop/active-directory-v2-protocols-oauth-code
we have:
1 - Add in web config the appsettings "ida:AppTenancy" with value as our tenancy domain
2 - Changed the the "Authority" property of the "OpenIdConnectAuthenticationOptions" in the method public void ConfigureAuth(IAppBuilder app) with the code:
Authority = string.Format("https://login.microsoftonline.com/{0}/v2.0",appTenancy),

For now its work.
LSo

I have the example application integrated into my application, however, I need to be able to support multiple Identity Providers, the example pretty much intercepts all requests and assumes that it needs to authenticate with Graph

How can I layer in support for multiple providers (Graph, Google and forms authentication - fallback for internal admin users that do not have either)

Ideally I should be able to let the user decide what identity provider to use - therefore the application should be able to handle that situation.

Hello, I'm trying to wrap my head around using Microsoft Graph for an app that will need to be hosted on Azure. I took the sample app and published it to an Azure app I own. I will be using Azure AD so I set up an AD app as well (putting the app id and secret in my web app's web.config using your instructions). I can launch the app fine. I click on "Get email address" and I get sent to a login page. When I log in via my (Microsoft) account I am presented with the following:
You do not have permission to view this directory or page.

Any idea what I might be doing wrong?

My end goal is to simply check to see if a user is a member of a specific group and if not, kick them out. I'm thinking I can use GraphServiceClient.Me.CheckMemberGroups. Am I right here? Any help you can offer would be wonderful.

I am trying to integrate the example into an existing ASP.Net WebPages.

The example APP works fine, however, when I try and integrate it into my application I can't get the API controller method to get called and based on my debugging so far the routes are null. I am fairly positive it is because the ASP handler / modules are interfering with the MVC controller handlers / modules but can't figure out how to effectively debug this - it is not a routing problem per se, but the fact that the routes are null

Any hints on how to trouble-shoot this or does anyone have a working example that includes integration with aspx pages based application.

Thanks in advance.

Whatty

After downloading this app through the Graph Quick Start page, the sign in experience fails. After granting consent, it redirects to a page not found error.

The problem seems to be that the app runs locally on port 21942, but the app is registered in the app portal to use port 55065 (and that's set in the web.config as well).

At first, I dont know if this is the place to ask this question, so I hope it is.

If I create an app only the first redirect url works.

For example; if I add https://google.com/ first this url works but if I add https://localhost/ it does not.
When I add https://localhost/ first and https://google.com/ second, only the localhost url works.

The only way to make everything work is to create two separate applications in the "Application registration portal". One for the development environment and one for production.

It feels like some cache issue, but I could also be a stupid mistake of me of course.

(I change the "PostLogoutRedirectUri" in my web.config to the right one when I switch to another environment)

Note that the graph client instance is being generated new every time - the private static "graphClient" variable is never used. As a consequence, the SignOutClient method does nothing.

Any chance that you can make an example on how to connect and query Graph using .Net Core?