Authenticating with Microsoft Graph (AzureGraph package) to access Contacts on a personal Outlook account

Hi, I am having real trouble obtaining access to my personal Contacts

gr <- create_graph_login(
tenant = '',
app = '34422ba3-ec5.......-348244b822ae',
auth_type = 'client_credentials',
password = '030zWy5........JLB4k-OVdfNP'

Deleting existing Azure Active Directory token for this set of credentials
Creating Microsoft Graph login for tenant ''

me <- gr$get_user("me")

Error in process_response(res, match.arg(http_status_handler)) :
Forbidden (HTTP 403). Failed to complete operation. Message:
Insufficient privileges to complete the operation.

Yet I believe I have set all the permission in Azure I need to.

The client_credentials authorization flow means that you're signed into Graph as the app, not as yourself. Because of this, Graph doesn't know who you are, and so can't retrieve your user details. You need to register an app that will let you sign in with an interactive flow, eg authorization_code, and then login with your username and password.

Alternatively, rather than gr$get_user("me"), use gr$get_user("myusername") ie explicitly tell it which user to retrieve.

Thank you @Hong. Can you point me to, or prove me with an example or template? What I am trying to do is obtain information, and manipulate my Contacts in my personal Outlook account.

Well, the simplest solution would be just to pass an explicit user to get_user, like gr$get_user(""). This should let you keep your existing app registration, assuming you have all the proper permissions granted.

If you want to use gr$get_user("me"), you'll need to create an app with an authentication redirect so that you can sign in as yourself. It's probably easiest to do this in the Azure portal.

Go to Azure Active Directory, and click on the "App registrations" tab:

In the pane on the right, click on "New registration" and add a custom redirect to http://localhost:1410 :

Use the app ID for your new registered app to login to AzureGraph. You'll be prompted to authenticate with AAD when you run create_graph_login().

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.