I have installed my extension on two different Outlook version
Outlook 16.0.9029
Outlook 16.0.4639
When the user clicks on my add-in, I want to forward that email to an external email address. I am using the following URL to send
https://outlook.office.com/api/v2.0/me/sendmail
It works fine in Outlook 16.0.9029 version and above but does not work in 16.0.4639. I am getting the following error
{"error": {
"code": "ErrorAccessDenied",
"message": "The API you are trying to access does not support item scoped OAuth."
}}
I decoded JWT and found out that the rest token which is generated on Outlook 16.0.4639
"ver": "Exchange.Callback.V1"
but token generated on Outlook 16.0.9029 is
"ver": "Exchange.Callback.V2"
I am using the following code to get token
function getAccesToken(callback) {
Office.context.mailbox.getCallbackTokenAsync({ isRest: true }, callback)
}
How i can force token generation using version Exchange.Callback.V2 for both outlook so that i can use above endpoint
Related
I want to send message to Microsoft teams channel. I have a VM and i want to run python script inside VM and want to use rest API to send message to microsoft teams channel.
I tried with generating access_token using client_credentials flow , but it throws following error
{'error': {'code': 'Unauthorized', 'message': 'Message POST is allowed in application-only context only for import purposes. Refer to https://docs.microsoft.com/microsoftteams/platform/graph-api/import-messages/import-external-messages-to-teams for more details.', 'innerError': {'date': '2023-02-06T15:26:59', 'request-id': 'ec5838d3-8d3c-4b59-b177-b261a934901f', 'client-request-id': 'ec5838d3-8d3c-4b59-b177-b261a934901f'}}}
I tried with generating access_token using code authorization flow , but in this flow, we need to generate code in the browser , which is not automated way
I tried with generating access_token using password flow, it throw following error
{"error":"invalid_grant","error_description":"AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000003-0000-0000-c000-000000000000'.\r\nTrace ID: 6ace8bef-c2f5-43c4-a9a5-16955e5c7b01\r\nCorrelation ID: a6e6dc2b-1257-4aed-9579-f447e064cabd\r\nTimestamp: 2023-02-06 15:41:38Z","error_codes":[50076],"timestamp":"2023-02-06 15:41:38Z","trace_id":"6ace8bef-c2f5-43c4-a9a5-16955e5c7b01","correlation_id":"a6e6dc2b-1257-4aed-9579-f447e064cabd","error_uri":"https://login.microsoftonline.com/error?code=50076","suberror":"basic_action"}
Following the steps for creating incoming webhooks via add to slack button. The final response will look like this:
{
"access_token": "xoxp-XXXXXXXX-XXXXXXXX-XXXXX",
"scope": "incoming-webhook,commands,bot",
"team_name": "Team Installing Your Hook",
"team_id": "XXXXXXXXXX",
"incoming_webhook": {
"url": "https://hooks.slack.com/TXXXXX/BXXXXX/XXXXXXXXXX",
"channel": "#channel-it-will-post-to",
"configuration_url": "https://teamname.slack.com/services/BXXXXX"
},
....
}
This provides access to team_name, channel the webhook will post to, and a url for configuration.
While this is working great and after initially storing the 'configuration' to my own webapp it displays correctly. But after a someone uses the 'configuration_url' link from the response these previous values like the channel could become obsolete. For example the webhook could be deleted from this link.
My Question is:
Is there a way to reflect this changes in my external app? As far as I can see there is no way to query information for 'incoming webhooks' via an api call from an external web application?
I also could not find any api calls that could change webhook configuration directly without using the provided link.
Its not possible to change the webhook configuration after it is created. The only possible change is that the workspace that installed your Slack app (which contains the webhook) is uninstalled.
If that happens the webhook will no longer work and you will get an error in response.
You can also get notified when you app is uninstalled by listening to the app_uninstalled event.
Or you can also test if your app and webhook is still valid by checking the token you received during the Add to Slack process. Just call the API method auth.test with that token. If it returns the following error than the webhook is no longer valid:
{
"ok": false,
"error": "invalid_auth"
}
I'm writing a Lambda function that queries Google Calendar events. Although I successfully created a credential (client ID, and client secret) on Google Developers Console, I cannot access the events. Error:
{ "error": { "errors": [{ "domain": "usageLimits", "reason": "keyInvalid", "message": "Bad Request" } ], "code": 400, "message": "Bad Request" } }
My http request looks like this:
https://www.googleapis.com/calendar/v3/calendars/MY_CLIENT_ID/events?key=MY_CLIENT_SECRET
What went wrong? Any help is greatly appreciated.
"domain": "usageLimits", "reason": "keyInvalid", "message": "Bad Request"
Means that the key you are sending is an invalid api key.
Background info
When you make a request to a Google api for public data you can use an API key. Public data is data that is not owned by a user. For example public posts on google+, google books. In these instances you can use an api key inorder to access the api using
GET https://www.googleapis.com/youtube/v3/search?part=snippet&maxResults=25&q=surfing&type=test&key={YOUR_API_KEY}
key identifies your application to google using the api key you create in google developer console.
Private data is data that is owned by a user for instance your google calendar an application can not post to it with out permissions. Inorder to do this we use Oauth2. You create a client on google developer console then login the user using oauth2. you will get an access token back then you can make a request
https://www.googleapis.com/calendar/v3/calendars/MY_CLIENT_ID/events?accesstoken=ACCESSTOKEN
Notice that the first request used key and the second used accesstoken.
Anwser
Your problem is that you are sending a client secret as an api key which will not work because first of all a client secret is not an api key and second events are private user data which will require that you authenticate your user first.
I would like to fetch all the google private connections of a user signed in from my app.
I've enabled the Google People and the Google Plus API's. I set up the credentials API key, client id & client secret. The url with which I'm trying to fetch the users connections is
https://people.googleapis.com/v1/people/me/connections?fields=connections&key=api_key&access_token=access_token
Also, I'm using the library passport-google-oauth, to get the users access_token. Is there anything that I'm missing in the above URL.
My google auth code is
// send to google to do the authentication
// profile gets us their basic information including their name
// email gets their emails
app.get('/auth/google', passport.authenticate('google', {
scope: ['profile', 'email','https://www.googleapis.com/auth/contacts.readonly', 'https://www.googleapis.com/auth/contacts']
}));
// the callback after google has authenticated the user
app.get('/auth/google/callback',
passport.authenticate('google', {
successRedirect: '/profile',
failureRedirect: '/'
}));
You have not mentioned what error you are getting but by looking at the url you are using I can tell you a few things.
people.connections.list access private user data. So for one you don't need to add Key that is just used for accessing public data. However having both should not result in any error message.
I have tested the request you are sending and it does work however this request requires that you have authenticated with at least one of the connections scopes.
https://www.googleapis.com/auth/contacts Requests that your app be
given read and write access to the contacts in the authenticated
user’s Google Contacts.
https://www.googleapis.com/auth/contacts.readonly Requests that your
app be given read access to the contacts in the authenticated user’s
Google Contacts.
If you have not then you will get a no access error message.
{
"error": {
"code": 403,
"message": "Request had insufficient authentication scopes.",
"status": "PERMISSION_DENIED"
}
}
My application uses Outlook Push Notifications REST API to get updates for a set of users.
The code I use to make the registration is like following:
HTTP POST to:
https://outlook.office.com/api/v2.0/users/<user email>/subscriptions
POST data = {
'#odata.type': '#Microsoft.OutlookServices.PushSubscription',
'Resource': 'https://outlook.office.com/api/v2.0/me/messages',
'NotificationURL': 'https://<my_valid_hostname>/api/subscriptions',
'ChangeType': 'Created, Deleted',
'ClientState': <user UUID>,
}
This code always worked fine, but since Sep 26 it stopped to work for mostly of users. The HTTP request to make a registration to web notification returns HTTP 403 error:
HTTP 403 Error: https://outlook.office.com/api/v2.0/users/<user email>/subscriptions
{
"error": {
"code": "ErrorAccessDenied",
"message":"Access is denied. Check credentials and try again."
}
}
This application is a backend aplication registered in Azure AAD portal and uses a token which allow me to do the requests on behalf of the users.
My token credentials are working fine. I use the same token for Graph API and Outlook API without errors. I refreshed it to see if the error go away, but it doesn't work. The error comes for fresh tokens anyway.
For some users I get no error, it always work. The subscription is created fine and I get the subscription data in JSON returned, as usual.
This make me think that it may be a problem in Microsoft side, but I have no way to check this.
So how can I fix this error for the affected users?
First thing that comes in my mind is that did you forgot to renew your calendar subscriptions? It's something like max. 14 days those are alive. Anytime before expiration you can renew subscriptions and after that you still can revive subscriptions.
In fact now I tested new subscription with my app and I get only 7 days to expiration date.
At this point I got that you are getting error when creating new subscription.. are you sure your access_token is still valid?
For future SO users,
POST https://outlook.office.com/api/v2.0/me/subscriptions
Content-Type: application/json
Authorization: Bearer <access_token>
{
"#odata.type":"#Microsoft.OutlookServices.PushSubscription",
"Resource": "https://outlook.office.com/api/v2.0/<Outlook-Resource>",
"NotificationURL": "<My-Endpoint-Url>",
"ChangeType": "Created,Updated,Deleted"
}
Optional ClientState in body, allows the listener to check the legitimacy of the notification.
Check out the docs for more info.