Graph API/Could not obtain a WAC access token

(0) Share

Report

Posted on by marciokataoka

Could not obtain a WAC access token

3 hours ago

Hi!

I am trying to create an xlsx document in a SharePoint library but and I execute the Excel action "Create table" I got an error:

{

"status": 403,

"message": "The request is forbidden by Graph API. Error code is 'AccessDenied'. Error message is 'Could not obtain a WAC access token.'.\r\nclientRequestId: xxx\r\nserviceRequestId: xxx",

"error": {

"message": "The request is forbidden by Graph API. Error code is 'AccessDenied'. Error message is 'Could not obtain a WAC access token.'."

"source": "excelonline-bs..."

}

The request is forbidden by Graph API. Error code is 'AccessDenied'. Error message is 'Could not obtain a WAC access token.'.
clientRequestId: xxx
serviceRequestId: xxx

It also happens if I try to create in OneDrive instead.

What I should do to get rid of this error?

I was asked to inform AAD ServicePrincipal AppID ou ClientID or APp name to get access to the API but I do not know where to find this information(nether the administrator!!). Where can I find it??

Thanks in advance!

Categories:

Building flows

I have the same question (0)

All responses (5)

Answers (0)

Expiscornovus 33,195 Most Valuable Professional on at

Like (1)

Report

Hi @marciokataoka,

I am assuming you are trying to use a HTTP action with Active Directory OAuth authentication?

If so, normally you can find this type of information in Azure in the Azure Active Directory blade under App registrations. There should be an app in there which you have registered with its own client id & secret & correct permissions which you can use for these requests.

Lee Ford has written a nice blog (screenshots bit outdated, approach is still valid):

https://www.lee-ford.co.uk/using-flow-with-graph-api/

Was this reply helpful? Yes No
eliotcole 4,363 Moderator on at

Like (0)

Report
EDIT - I do have a work around for this SPECIFIC issue, @marciokataoka ... I'll post it separately, because this is a bit of a side note.

Using the Graph Send an HTTP request action should have all the permissions of the user using them, though, right, @Expiscornovus?

Whilst I do think that the Azure app with all the required permissions is the best way to 100% ensure there's no permissions getting in the way of things ... the Graph action should work to the user's perms.

So ... I'm making an assumption, but I'm assuming that @marciokataoka, is using that within a flow. I think that one is a safe assumption. A bigger assumption is that Marcio (more assumptions! this time the name! 😅) is at the right permissions level themselves.

However I'm literally the Global administrator, which *should* mean I'm good. Yet this still happens for me.

We're all not alone, either ... here's something on MS Q&A.

Possible Work Around

I'm still (foolishly) playing with mine trying to get it to work, though, Marcio. Because there's something that I've noticed with the SharePoint and Graph HTTP request actions is that if you play around with the URI and the various ways of hitting the right endpoints or HTTP encoding of '{' (and more), then suddenly things start work.

For example for this solution, I couldn't just send the number across, I had to HTTP encode curly brackets around it to get Graph to accept the call. Weird, but got there in the end.

Here, though, I'm trying to add rows (as that action is missing in the excel PA actions) with the values of site_id, drive_id, item_id, and table_name are all what you want them to be. I'm sending to this URI:

https://graph.microsoft.com/v1.0/sites/%7Bsite_id%7D/drives/drive_id/items/item_id/workbook/tables/table_name/rows/add

With this (generated) JSON:

{ "index": null, "values": [["AA","05/01/2022","600"],["AA","05/02/2022","150"],["BB","05/03/2022","100"],["LB","05/15/2022","150"],["LB","05/16/2022","550"]] }

One thing I'm about to try, though, is changing that API number to see if I can trick it a bit. 😈

So my current advice is to keep trying as many different combinations of the URI that you can, and maybe you'll get there. But like I say, I have a workaround for you in a second.

Otherwise, yeah, annoyingly maybe you'll have to make an Azure App. That isn't the worst thing in the world, though.

I'm wondering how one authorises external apps, though, because I already have a very sneaky, and easy, HTTP request solution for free users. But I'm not fond to post it on here for fear of Microsoft finding a way to block it. Anyway, if I can get that authorised easily enough, then it should make all of this really easy.

Was this reply helpful? Yes No
eliotcole 4,363 Moderator on at

Like (0)

Report

If you are wondering, you can actually still achieve what you want to achieve if you just use the normal excel actions, @marciokataoka.

For example, I keep an excel sheet purely for stuff that flows can't manage (and despise that I have to touch excel for it 😅), and I can create a new worksheet, and then create a table in that worksheet at the Table range:

worksheet_name!A1:A1

Then all I need to do to ensure that the table is wide enough (since I must be data agnostic) I have pulled in my headers as comma separated values, and placed them in the Column names field.

Voila, the perfect table to then not be able to enter rows into! 😅

---

If, however it's the excel actions that are giving you this error, then I'm flummoxed, and perhaps there's a possibility this is permissions based. Make sure that your account has access to the files and request actions in question, or to operate at the level needed for the request (even possibly with the normal excel actions) ... you'd be surprised how often this is a thing.

Was this reply helpful? Yes No
marciokataoka 33 on at

Like (1)

Report

Hi @Expiscornovus
Thanks, I`m going to check the blog.

Was this reply helpful? Yes No
Mikkie 2 on at

Like (0)

Report

I managed to fix issue by checking the attachments
make sure the only attachment you are getting in you flow is you excel doc and not any images related in your email that gets added as an attachment

Was this reply helpful? Yes No