none
Graph API For OneDrive - InvalidAuthenticationToken: CompactToken parsing failed with error code: -2147184105 RRS feed

  • Question

  • I'm working with the OneDrive Graph API and I keep getting the following error every time I try: 

    https://graph.microsoft.com/v1.0/drive

    (as per https://dev.onedrive.com/drives/default.htm

    https://graph.microsoft.com/v1.0/me/drive

    (as per https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/drive_get)

    https://graph.microsoft.com/v1.0/drives

    (as per https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/drive_list)

    https://graph.microsoft.com/v1.0/me/drive/root/children

    The error:

    {
      "error": {
        "code": "InvalidAuthenticationToken",
        "message": "CompactToken parsing failed with error code: -2147184105",
        "innerError": {
          "request-id": "de6498d6-0d60-43d5-be0e-c71abcb18cb1",
          "date": "2017-04-05T18:48:22"
        }
      }
    }

    I have successfully authenticated with OAuth2 and using the following URL:

    https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=633ea127-429c-44ab-82e4-3bc110c457d3&scope=files.read%20files.readwrite%20files.read.all%20files.readwrite.all%20offline_access%20User.Read.All%20User.Read%20Sites.Read.All&response_type=code&redirect_uri=[redirectURL]

    However, it seems to ignore the last scope permission "Sites.Read.All" as it does not appear in the list of requested permissions on the user consent screen and it is not in the URL of the user consent screen.

    I have also added all of the above permissions in the app registration portal.

    Then I successfully get an OAuthToken using:

    https://login.microsoftonline.com/common/oauth2/v2.0/token/

    in my server side code.

    (I can post the token if you need it, the account is a throwaway test account)

    I can successfully use the OAuth token (attaching it as a header) I received to call the graph API to get information about the requesting user:

    https://graph.microsoft.com/v1.0/me?$select=id%2Cmail

    This returns the expected result: A user object with the ID and email fields populated.

    Then, using the exact same token a few seconds later, all of the calls to get a drive (or it's contents) fail, and they all fail with the same error code (above). What is going on? What is a compact token? Why does the token provided to me not work? How do I fix this? What have I done wrong? 

    • Moved by Patrick_Liang Thursday, April 6, 2017 2:38 AM more relate to Microsoft Graph API
    Wednesday, April 5, 2017 7:06 PM

All replies

  • Hi,

    Since it is more relate to Microsoft Graph API, it would be more appropriate to hold the discussion in the corresponding forum:

    https://social.msdn.microsoft.com/Forums/office/en-US/home?forum=Office365forDevelopers

    I will move this thread there, community there should be more familiar with this issue.

    Thanks for your understanding.

    Best regards,

    Patrick Liang


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Thursday, April 6, 2017 2:38 AM
  • Hi,

    According to this stack overflow post: 

    The response actually indicates that the access token was not successfully generated or passed to the graph endpoint. Microsoft Graph couldn't parse it as a JWT token and thus attempted to process it as a Microsoft Account/Live Id compact token, which also failed. Please check the response that you got from the call to login.microsoftonline.com and that the token passed to graph.microsoft.com is a valid JWT token.


    Regards, Sjoukje

    Please remember to click 'Mark as Answer' on the post that helps you.


    Monday, April 24, 2017 6:18 AM
    Moderator