Troubleshooting 403 Authorization error when calling Microsoft Graph Security API

You may get the following 403 error when using Microsoft Graph Security API to call various end points (https://graph.microsoft.com/v1.0/security/alert, https://graph.microsoft.com/beta/security/secoreScores, etc…) “Auth token does not contain valid permissions or user does not have valid roles” Root Cause The above error can occur if the access token is missing the following requirement: The token does not have the required Microsoft Graph permission for the https://graph.microsoft.com/v1.0 (or beta)/security/xxx entity endpoint being used…

Read More

How to sign in as a guest user in Graph Explorer

Besides tenant members, it is also possible to use Graph Explorer signed in as a tenant’s guest user. In Graph Explorer, add “?tenant=”{tenantname.onmicrosoft.com}” to the URL in the address bar (eg https://developer.microsoft.com/en-us/graph/graph-explorer?tenant=contoso.onmicrosoft.com), and press enter. This will explicitly make Graph Explorer to consider only that tenant when signing in. Now sign into Graph Explorer as usual, with a guest user’s credentials. Afterwards, try making this GET request: “https://graph.microsoft.com/v1.0/me”. In the…

Read More