Issue
I am trying to access my user info with Interactive Browser Credential, Graph Service Client, and asyncio.
I am passing in the default scope ('https://graph.microsoft.com/.default'), but getting an error that says my scope is invalid, only it is not the same scope as the one I passed in.
The browser pops up with this error: "AADSTS70011: The provided request must include a 'scope' input parameter. The provided value for the input parameter 'scope' is not valid. The scope . / : a c d e f g h i l m o offline_access openid p profile r s t u is not valid..." (emphasis added). Notice that the scope it is listing is not the one I provided.
Is something in my code altering the scope parameter before passing it into the Interactive Browser Credential?
from azure.identity import InteractiveBrowserCredential
from msgraph import GraphServiceClient
import asyncio
async def me():
credential = InteractiveBrowserCredential()
scopes = 'https://graph.microsoft.com/.default'
graph_client = GraphServiceClient(credential, scopes)
me = await graph_client.me.get()
if me:
print(me)
if __name__ == "__main__":
asyncio.run(me())
Solution
The browser pops up with this error: "AADSTS70011: The provided request must include a 'scope' input parameter. The provided value for the input parameter 'scope' is not valid. The scope . / : a c d e f g h i l m o offline_access openid p profile r s t u is not valid..." (emphasis added). Notice that the scope it is listing is not the one I provided.
I tried in my environment and got the below results:
Initially, I tried with your code and got the same error.
Error:
The above error occurs when you are not passing the scope in the correct format. The scope should be list
format.
scopes = ['https://graph.microsoft.com/.default']
Code:
from azure.identity import InteractiveBrowserCredential
from msgraph import GraphServiceClient
import asyncio
async def me():
credential = InteractiveBrowserCredential()
scopes = ['https://graph.microsoft.com/.default']
graph_client = GraphServiceClient(credential, scopes)
me = await graph_client.me.get()
if me:
print(me)
if __name__ == "__main__":
asyncio.run(me())
Output:
User(additional_data={'@odata.context': 'https://graph.microsoft.com/v1.0/$metadata#users/$entity'}, id='xxxx', odata_type=None, deleted_date_time=None, about_me=None, account_enabled=None, activities=None, age_group=None, agreement_acceptances=None, app_role_assignments=None, assigned_licenses=None, assigned_plans=None, authentication=None, authorization_info=None, birthday=None, business_phones=[], calendar=None, calendar_groups=None, calendar_view=None, calendars=None, chats=None, city=None, company_name=None, consent_provided_for_minor=None, contact_folders=None, contacts=None, country=None, created_date_time=None, created_objects=None, creation_type=None, department=None, device_enrollment_limit=None, device_management_troubleshooting_events=None, direct_reports=None, display_name='xxxx', drive=None, drives=None, employee_hire_date=None, employee_id=None, employee_leave_date_time=None, employee_org_data=None, employee_type=None, events=None, extensions=None, external_user_state=None, external_user_state_change_date_time=None, fax_number=None, followed_sites=None, given_name='xxx', hire_date=None, identities=None, im_addresses=None, inference_classification=None, insights=None, interests=None, is_resource_account=None, job_title=None, joined_teams=None, last_password_change_date_time=None, legal_age_group_classification=None, license_assignment_states=None, license_details=None, mail='xxx', mail_folders=None, mail_nickname=None, mailbox_settings=None, managed_app_registrations=None, managed_devices=None, manager=None, member_of=None, messages=None, mobile_phone=None, my_site=None, oauth2_permission_grants=None, office_location='No WorkSpace', on_premises_distinguished_name=None, on_premises_domain_name=None, on_premises_extension_attributes=None, on_premises_immutable_id=None, on_premises_last_sync_date_time=None, on_premises_provisioning_errors=None, on_premises_sam_account_name=None, on_premises_security_identifier=None, on_premises_sync_enabled=None, on_premises_user_principal_name=None, onenote=None, online_meetings=None, other_mails=None, outlook=None, owned_devices=None, owned_objects=None, password_policies=None, password_profile=None, past_projects=None, people=None, photo=None, photos=None, planner=None, postal_code=None, preferred_data_location=None, preferred_language=None, preferred_name=None, presence=None, print=None, provisioned_plans=None, proxy_addresses=None, registered_devices=None, responsibilities=None, schools=None, scoped_role_member_of=None, security_identifier=None, settings=None, show_in_address_list=None, sign_in_activity=None, sign_in_sessions_valid_from_date_time=None, skills=None, state=None, street_address=None, surname='xxx', teamwork=None, todo=None, transitive_member_of=None, usage_location=None, user_principal_name='xxxx', user_type=None)
Answered By - Venkatesan
0 comments:
Post a Comment
Note: Only a member of this blog may post a comment.