You’re offline. This is a read only version of the page.
Announcements
Hi there,
we created project-based MS Teams-Groups with a bigger PowerAutomate-Flow, and i'm trying to disable sharing of Team-Groups to external users with the Graph API within this flow.
For testing purposes, i tested the JSON-Code i have to throw against the API with the Graph Explorer and could confirm, that it is working as expected.
Now i try to test the GraphAPI-Call within a PowerAutomate-Flow:
URI: https://graph.microsoft.com/v1.0/groups/<groupid>/settings
Method: Post
Body:
Share
Report{
"displayName": "Group.Unified.Guest",
"templateId": "08d542b9-071f-4e16-94b0-74abb372e3d9",
"values": [
{
"name": "AllowToAddGuests",
"value": "false"
}
]
}
But i get errors regarding insufficient rights:
{
"error": {
"code": "Authorization_RequestDenied",
"message": "Insufficient privileges to complete the operation.",
"innerError": {
"date": "2023-01-24T10:38:50",
"request-id": "89d9e24e-89f7-4d89-809f-585680fd6d68",
"client-request-id": "89d9e24e-89f7-4d89-809f-585680fd6d68"
}
}
}
{
"Transfer-Encoding": "chunked",
"Vary": "Accept-Encoding",
"Strict-Transport-Security": "max-age=31536000",
"request-id": "89d9e24e-89f7-4d89-809f-585680fd6d68",
"client-request-id": "89d9e24e-89f7-4d89-809f-585680fd6d68",
"x-ms-ags-diagnostic": "{\"ServerInfo\":{\"DataCenter\":\"West Europe\",\"Slice\":\"E\",\"Ring\":\"5\",\"ScaleUnit\":\"001\",\"RoleInstance\":\"AM4PEPF0001EB7F\"}}",
"x-ms-resource-unit": "1",
"Timing-Allow-Origin": "*",
"x-ms-apihub-cached-response": "true",
"x-ms-apihub-obo": "false",
"Cache-Control": "no-cache",
"Date": "Tue, 24 Jan 2023 10:38:50 GMT",
"Content-Type": "application/json",
"Content-Length": "331"
}
The Flow runs under the rights of a global Office 365-Administrator (the same one, with which i tested the above Code with the Graph Explorer - there it worked).
I had to grant an admin consent within the Graph Explorer (Directory.ReadWrite.All); after that, i could send the above request. I think, that i had to do the same for the PowerAutomate-Flow - but i don't know how.
Also, i don't understand, why a global Administrator has insufficient rights (...).
I'm using other GraphAPI-Calls with the PowerAutomate-Operation "Send http request" without any issue.
Maybe, someone could help me/give me a hint, how to solve my issue?
Thanks in advance,
Bastian
Hi @bmueller11
Although you're using and Admin user with permissions I guess it has to be with Authentication Flow (before calling Grap API you need to get a valid authentication token). I would recommend reading this excellent blog post by Laura Kokkarinen on Calling Graph from Power Automate with delegated permissions.
Hope that helps!
Ferran
All responses (
Answers (
8,003
