Below query is returning "item not found" but the user executing the query actually has access to SharePoint sites as well as is Admin of one of the SharePoint site.
Is there any specific permission required for this query to bring results?
If you switch to Modify permissions tab in Graph Explorer, you will see all permissions required for the current endpoint.
The endpoint GET https://graph.microsoft.com/v1.0/sites?search=* requires Sites.Readl.All or Sites.ReadWrite.All permissions.
Related
We're applaime - developing an AI driven product which will help job seekers to manage more effectively the job application process.
The product will enable Linkedin oauth authentication after which it is expected to retieve the current user's basic profile.
Hence we would like to apply for this permission (r_basicprofile). How can we get this process in motion?
Thanks.
Trying to fetch the basic profile via an API. Need permission for that.
This page describes how to get access to the various APIs: https://learn.microsoft.com/en-us/linkedin/shared/authentication/getting-access.
I have published a deployment that runs with the developer account. In the deployment settings I have a role called "Supervisors". I have assigned a google group to that role, directorssupervisors#domain.com.
When the deployment runs with the developer account, everythings works fine. But when the deployment is ran by any other user, I get the following error:
appmaker.application.permission.GroupsPermission: Error reading group directorssupervisors#domain.com. Note: The deployer developeraccount#domain.com must have access to this group.
Exception:
Exception: You do not have permission to view the member list for the group: directorssupervisors#domain.com
The group settings are configured so that everyone in the domain can view the membership; moreover, the developer account is a member of the group.
I have checked the information provided in this post and also in this post but none of them seem to help. The developer account was added to the group more than 72 hours ago and the deployment was published more than 48 hours ago.
So far, everything is leading me to believe this is a bug. Before I open a support ticket with the G Suite AppMaker team, I would like to know if anyone has had the same issue and if there was a solution to it.
Thanks in advance for your help!
UPDATE:
Now it is also showing the error when the app is ran by the developer account!
It so happens that the AppMaker team corrected a buggy behavior that allowed the reading of email addresses from groups without having the permission properly set up in the group settings. To make the app work again I had to make sure the group permission had the proper access for viewing email addresses; Group Settings -> Permissions -> Access permissions -> View Email Addresses.
Once I changed the permission to All members of the group, I proceeded to republish the app and then it worked again.
Update 12/31/2019
On top of the already mentioned above, you also need to make sure that the group is visible to all members in the organization:
Group Settings -> Permissions -> Basic permissions -> Group Visibility.
I have an issue with connecting GA to Data Studio. Everything seems to work fine but there's some kind of problem that I just don't know how to solve. Maybe somebody have already had something similar before.
Although my account is authorized and I can choose everything - Connectors, Account, Property and View and even see the fields - when I add it to report, I get Error 400.
400. That’s an error.
Error: admin_policy_enforced
Access to your account data is restricted by policies within your organization. Please contact administrator for more information.
Request Details
client_id=myid-myanotherid.apps.googleusercontent.com
scope=https://www.googleapis.com/auth/drive
access_type=offline
response_type=code token
immediate=false
pageId=none
user_id=myid#myemail.com
include_granted_scopes=true
proxy=oauth2relay2050978162
redirect_uri=postmessage
origin=https://datastudio.google.com
gsiwebsdk=1
state=781464001|0.792356641
jsh=m;/_/scs/apps-static/_/js/k=oz.gapi.en.6hIrKdeK3RQ.O/m=__features__/am=AQ/rt=j/d=1/rs=AGLTcCNV6CBDIuxs3srAO9rORg8A8mF6Kg
hd=sotrender.com
That’s all we know.
It seems to bit a problem with Google Drive. But when I create a new report in Data Studio, it creates a file in my Drive so I don't really know why is that happening. GA works fell because I can see all the accounts, views, fields, etc. when creating a report. After I click 'Create a new data source', choose the data source and click 'Add to report' - the message above appears and I can't really do anything else.
Cheers.
Does your organization use G Suite? If so there's an administrator inside your company responsible for G Suite settings. He has restricted you or your whole organization of either using Analytics, using Data Studio or linking both together. You need to get in contact with your company admin to help you get the correct access to perform this change.
I had created app that used to get authenticated by users for their contacts, sending messages to those contacts etc. When linked in changed their API access system in May, suddenly our application stopped working.
In the doc there is nothing clearly written about these kind of permissions now or with what kind of membership program I can get access to these again. There is one section where contacts info can be fetched when we apply for partnership program with Apply with LinkedIn button. But I am not sure its of my use.
Access to r_contactinfo permission:
As per the Linkedin website,
The r_contactinfo member permission will now be associated exclusively
with Apply with LinkedIn. As a result, you will only be able to
request this member permission if your application has been approved
by LinkedIn for this particular use.
What you need to do:
Apply for partner status with LinkedIn (Apply with Linkedin), explaining what your integration is and how it works. If it meets their criteria, then you will get access to the above endpoint.
Check this link for further details.
I've created an open graph action, and so far I can only seem to use it to post the test page that Facebook has generated for me (I'm messing around with curl and a webserver serving the correct kinds of metadata).
Is this a restriction on actions (where, for sandboxed applications, only actions which have been approved can post real updates to a timeline), or am I likely looking at a bug?
In the app dashboard, you can create roles. Create one test user. After you log in from the test user (that will log you out from your original account), you can test freely. Or else, you can not post for global users unless your actions are submitted (via app dashboard -> open graph) and approved.