Home > database >  How to authenticate MS graph requests?
How to authenticate MS graph requests?

Time:10-26

I am using enter image description here

Here is my Graph API call that only works with bearer tokens copied from graph-explorer

def recreate_graph_request1(bearer = None):
  '''
  I went to https://developer.microsoft.com/en-us/graph/graph-explorer
  and picked a request. Outlook>GET emails from a user
  at first response was for some generic user, but I logged in using my account and it actually worked.
  Then I used my old copy curl as bash trick to make it python

  :return:
  '''
  url = "https://graph.microsoft.com/v1.0/me/messages?$filter=(from/emailAddress/address) eq '[email protected]'"

  payload = {}
  headers = {
    'Accept': '*/*',
    'Accept-Language': 'en-US,en;q=0.9',
    'Authorization': bearer,
    'Connection': 'keep-alive',
    'Origin': 'https://developer.microsoft.com',
    'Referer': 'https://developer.microsoft.com/',
    'SdkVersion': 'GraphExplorer/4.0, graph-js/3.0.2 (featureUsage=6)',
    'Sec-Fetch-Dest': 'empty',
    'Sec-Fetch-Mode': 'cors',
    'Sec-Fetch-Site': 'same-site',
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36',
    'client-request-id': 'n0t_th3_s4m3_4s_1n_P05tm4n',
    'sec-ch-ua': '"Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"',
    'sec-ch-ua-mobile': '?0',
    'sec-ch-ua-platform': '"Windows"'
  }

  response = requests.request("GET", url, headers=headers, data=payload)

  return response

token_from_ms_auth = 'eyCOPIED_FROM_POSTMAN....'
bearer_from_ms_auth = 'Bearer ' token_from_ms_auth
print(recreate_graph_request1(bearer_from_ms_auth).text)

TBH, I was not overly optimistic that any bearer token would work, even if it was somehow associated with my tenant - but I hoped it would, and the resulting disappointment has driven me to ask the universe for help. I do not understand these meandering flows and looking at others' answers only confuses me more. I am hoping someone can help me figure out this scenario.

CodePudding user response:

Access tokens are short lived. Refresh them after they expire to continue accessing resources.

enter image description here

Please refer this document: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#refresh-the-access-token

Hope this helps.

Page link:https//www.codepudding.com/database/588155.html

Prev:What is the way to set up an authentication mechanism using keycloak initial access token?
Next:next-auth GET /api/auth/session 400 CLIENT_FETCH_ERROR Unexpected token 'E' (Netlify deplo
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding