none
Access denied to add Microsoft Graph Schema Extension on a Message RRS feed

  • Question

  • We're curretly making a multi-tenant app where admin users can log on Office365 and manipulate other users' emails. We want to add a schema extension on created Message, but I end up with a AccessDenied error. Note that I use the arxone_path schema extension, that is Available (you can try to use it).

    I first set up the delegated permission Mail.ReadWrite on my app registration on Azure (like said on the documentation). I also added Mail.ReadWrite.Shared permission. Using the user's access token, I can actually fetch, create, delete or update Message of another user. But if I try to update a message to add a schema extension like this:

    PATCH https://graph.microsoft.com/v1.0/{{user}}/messages/{{message}}
    Content-Type: application/json
    {
        "arxone_path": {
            "path":"some/path"
        }
    }


    I always get this response :

    HTTP/1.1 403 Forbidden
    Content-type: application/json
    {
      "error": {
        "code": "ErrorAccessDenied",
        "message": "Access is denied. Check credentials and try again.",
        "innerError": {
          "request-id": "a95b0641-63e9-4601-82f2-d8c4ed6d64d8",
          "date": "2020-01-16T16:12:29"
        }
      }
    }

    If I try to update one of the connected user's message, it does work, but for another user it doesn't. I can PATCH any message, except to add a schema extension. I don't know what I'm missing here



    Tuesday, January 21, 2020 1:00 PM