Outlook Dev Center - OAuth Sandbox stoped working with mail. When i try to send :
https://outlook.office.com/api/v2.0/me/mailfolders/inbox/messages?$top=10
i'm getting :
HTTP/1.1 403 Forbidden
Transfer-Encoding: chunked
request-id: 72bb8456-b708-4395-b20b-070f59203571
X-CalculatedBETarget: AM4PR06MB1602.eurprd06.prod.outlook.com
X-BackEndHttpStatus: 403
x-ms-diagnostics: 2000008;reason="The token contains not enough scope to make this call.";error_category="invalid_grant"
OData-Version: 4.0
X-DiagInfo: AM4PR06MB1602
X-BEServer: AM4PR06MB1602
X-FEServer: AM4PR01CA0018
X-MSEdge-Ref: Ref A: C76DC482B3B948DCA89EA29991DAC69F Ref B:CFF0022456998571B7B1C5143CD90D48 Ref C: Sun Oct 30 05:12:00 2016 PST
Cache-Control: private
Date: Sun, 30 Oct 2016 12:12:00 GMT
Set-Cookie: exchangecookie=7f60ed49643e4ce098a0af5830de4eec; expires=Mon, 30-Oct-2017 12:12:00 GMT; path=/; HttpOnly
Server: Microsoft-IIS/8.5
WWW-Authenticate: Bearer client_id="00000002-0000-0ff1-ce00-000000000000", trusted_issuers="00000001-0000-0000-c000-000000000000@*", token_types="app_asserted_user_v1 service_asserted_app_v1", error="invalid_token"
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
{
"error": {
"code": "ErrorAccessDenied",
"message": "Access is denied. Check credentials and try again."
}
}
after some investigation i noticed that OAuth Sandbox is not requesting email read write permission. Is it a bug?
I don't reproduce this. The Sandbox does request read/write permission via the Mail.ReadWrite.Shared
scope, assuming you are authorizing with your own account.
If you click the Authorize using Sandbox Account
it only requests Mail.Read.Shared
, but that is sufficient scope to do a GET
on https://outlook.office.com/api/v2.0/me/mailfolders/inbox/messages?$top=10
.
So to answer your question, no, I don't believe this is a bug. :) Can you provide more info on exactly what you're doing when you get this error? Are you logging in with an Office 365 account or a Microsoft account (outlook.com, Hotmail.com, etc.)?
Update: The problem was caused by Microsoft accounts not understanding the Mail.ReadWrite.Shared
and ignoring it. The sandbox has been updated to request both the Mail.ReadWrite
and the Mail.ReadWrite.Shared
scopes.