Skip to main content

Azure Active Directory GraphClient AuthorizationException


Error : Microsoft.Azure.ActiveDirectory.GraphClient.AuthorizationException Insufficient privileges to complete the operation

Solution:

Under Configure
under Permissions to other applications

Add application - Windows Azure Active Directory
Give the following permissions

Read directory data
Sign in and read user profile


Stack Trace : 

Microsoft.Azure.ActiveDirectory.GraphClient.AuthorizationException was unhandled by user code
  HResult=-2146233088
  Message=Insufficient privileges to complete the operation.
  Source=Microsoft.Azure.ActiveDirectory.GraphClient
  Code=Authorization_RequestDenied
  ErrorMessage=Insufficient privileges to complete the operation.
  ResponseUri=https://graph.windows.net//users/?api-version=2013-11-08
  StackTrace:
       at Microsoft.Azure.ActiveDirectory.GraphClient.ConnectionWrapper.InvokeNetworkOperation[T](Func`1 action)
       at Microsoft.Azure.ActiveDirectory.GraphClient.ConnectionWrapper.DownloadData(String address, WebHeaderCollection additionalHeaders)
       at Microsoft.Azure.ActiveDirectory.GraphClient.ConnectionWrapper.DownloadData(Uri address, WebHeaderCollection additionalHeaders)
       at Microsoft.Azure.ActiveDirectory.GraphClient.GraphConnection.GetCore(Type objectType, String objectId, FilterGenerator filterGenerator, Uri& requestUri)
       at Microsoft.Azure.ActiveDirectory.GraphClient.GraphConnection.Get(Type objectType, String objectId, LinkProperty expandProperty)
       at Microsoft.Azure.ActiveDirectory.GraphClient.GraphConnection.Get(Type objectType, String objectId)
       at Microsoft.Azure.ActiveDirectory.GraphClient.GraphConnection.Get[T](String objectId)
       at Readify.Sudo.Web.Infrastructure.Identity.GraphClaimsAuthenticationManager.Authenticate(String resourceName, ClaimsPrincipal incomingPrincipal) in
       at System.IdentityModel.Services.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequestBase request)
       at System.IdentityModel.Services.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args)
  InnerException:


Comments

Popular posts from this blog

Your me, my me and the other me. A guide to be at peace with personal growth

This article is not a direct address to a problem statement, but a journey with me to certain philosophies that I have entertained in my quest for personal growth. There is a short and effective way to look at personal growth which I will come to in this article, one that I believe will help you to be more closer to peace with the practice of personal development.  I am thankful to many people in my life, for instilling in me a desire for personal growth in my life.  Both my parents have always been open to learning and cared to share some of their struggles with difficult choices and dilemmas associated with scenarios. A few school teachers stood out in vocalising their own personal learnings and set an example by embracing the incompleteness in spite of not being required to do so. I was fortunate to have attended a school that celebrated learning and instilled pride, largely thanks to the unconventional principal that held office there. The themes you can notice in these ex...

SharePoint 2013 workflow : The server was unable to process the request

Here, I received another SharePoint 2013 workflow error. This time the workflow was not able to send emails and the following error was being shown Retrying last request. Next attempt scheduled in less than one minute. Details of last request: HTTP Unauthorized to http://sitename/_vti_bin/client.svc/web/lists/getbyid(guid'guid') Correlation Id: id Instance Id: id Fortunately I came across this post which gave me the answer http://sharepoint.stackexchange.com/questions/89101/failed-to-retrieve-the-com-class-factory-for-component-with-clsid-sp-sprequest Solution 1: In InetMgr, go to advanced settings for Security Token Service Application Pool and change "Load User Profile" to true. Recycle application pool. Reason 2 and Solution 2 : There could be another reason for this error. The workflow authentication can fail if the user executing the workflow (this will be the user initiating the workflow) is given permission through active directory group and the co...

Think like a leader : 5 steps to making decisions

A big part of any leadership role, be it team management or managing a large portfolio, leaders are expected to provide decisions on various matters. Leaders would want their teams to be empowered in decision making, and making good decisions comes from preparation and practice.   So, How do we make good decisions?   Here is a cheat card of 5 steps to enable you to make good decisions. Let us take a hypothetical example.  e.g. You would like to organise training for a few members of your team. Convert the activity to a business case and find the concepts  This is the most difficult step. More often than not, as employees in an organisation, we expect us to be guided through a problem at hand. This is where thinking like a leader makes a person stand out. Instead of someone and receiving a decision we can look at the factors and concepts that will affect the scenario. Let u...