Login/Register
Teams listChannel Graph API resulting in "Unauthorized error - "Failed to execute Aad backend request GetUsersByObjectIdsRequest"
Asked Answered
microsoft-graph-apimicrosoft-teamsmicrosoft-graph-teams
K

2

7

The teams list channel Graph API has started throw Unauthorized error as below. It use to work fine until yesterday. We are using "ServicePrincipal" for authentication and it has all necessary graph permission. In this case - Group.Read.All

Sample endpoint we are using is as below. https://graph.microsoft.com/v1.0/teams/dccde580-0fc5-11eb-adc1-0242ac120002/channels.

Since this morning, it is failing continuously with the below error. More over, this is not a beta API.

As per our analysis, it is failing for those teams which has a private channel it. But as per documentation, private channels should be returned in the response as well. I dont understand what could be the issue.

Any idea / hints /help in this regard is really appreciated.

{
  "error": {
    "code": "Unauthorized",
    "message": "Failed to execute Aad backend request GetUsersByObjectIdsRequest. Workload Unknown. Request Url: https://graph.windows.net/myorganization/getObjectsByObjectIds?api-version=1.61-internal, Request Method: POST, Response Status Code: Unauthorized, Response Headers: ocp-aad-diagnostics-server-name: 0yK5pQbb6mmQTig21hH07WmGI0k2nuTime8Zw4wMO7k=\r\nrequest-id: c33c655e-27f7-4f96-aabf-70e6d9d8770d\r\nclient-request-id: 5bd775a7-7dba-4ad7-bc9a-fbd91ae46fea\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nDate: Fri, 16 Oct 2020 15:23:45 GMT\r\n, Reason Phrase: Unauthorized",
    "innerError": {
      "date": "2020-10-16T15:23:45",
      "request-id": "3f3793b8-02d6-4653-a14f-3e455660e3d8",
      "client-request-id": "3f3793b8-02d6-4653-a14f-3e455660e3d8"
    }
  }
}
Kerriekerrigan answered 16/10, 2020 at 15:47 Comment(9)
What happens if you try the same call with Microsoft Graph Explorer? does it work?Macmullin
Are you calling the AAD graph api https://graph.windows.net/myorganization/getObjectsByObjectIds?api-version=1.61-internal? It may be that you used the wrong token to call the AAD graph and caused the error.Halfbaked
Did you find a solution or the cause of the problem? I have the same problem with some teams with a private channel, but not with all.Pachston
@Macmullin - I see the same error even in GraphExplorer. Strangely, this error comes only with "ServicePrincipal". If I use my account, it gives me results.Kerriekerrigan
@Carl Zhao - No. I am calling the MS Graph (not old AAD graph) and I am using the correct token. MS Graph makes some internal calls as you could see from the error message, this endpoint that it tries to connect to is an internal call and it fails there.Kerriekerrigan
@Pachston - No.The issue still persists. I am planning to open a Microsoft case. Not sure if this is tenant specific issue. Because, I dont have the same issue in our test tenant. But we have this issue in our development tenant.Kerriekerrigan
As a final effort, see if there is any changes been made at service principal and changes in tenant/configuration. If yes, try revoke it and see if it helps. If issue persists, consider opening a support ticket and see if it fixes the issue.Macmullin
@Kerriekerrigan Did you have any luck w/ MS support? This issue just started happening for us today. It's bizarre.Powers
Can you provide me clientRequestID.Pieper
H
1

We are facing the same issue, and the error exist in some of our test tenants and it will thrown by microsoft when we using the application permission to make the request. The requests with the delegate permission token work without any issue.

Haematinic answered 20/10, 2020 at 11:42 Comment(0)
G
0

Microsoft adds some Permissons.

https://learn.microsoft.com/de-de/graph/api/channel-list?view=graph-rest-beta&tabs=http

Do you have the application permissons?

Do you use the beta endpoint? Look at this: https://learn.microsoft.com/de-de/microsoftteams/platform/graph-api/rsc/resource-specific-consent

Gehring answered 22/10, 2020 at 15:10 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.