One Note Api rejects Bearer Token, Error 401

Question

I got a problem with sending bearer token to the One Note API.

String returnUri = "https://login.live.com/oauth20_token.srf";
HttpClient client = HttpClientBuilder.create().build();
HttpPost tokenRequest = new HttpPost(returnUri);
tokenRequest.setHeader(HttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded");
tokenRequest.setEntity(new UrlEncodedFormEntity(Connection.getParametersForURLBody(), Consts.UTF_8));
tokenRequest.addHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0");
HttpResponse tokenResponse = client.execute(tokenRequest);
HttpGet getTopFiveNotebooks = new HttpGet("https://www.onenote.com/api/v1.0/me/notes/notebooks?top=5");

getTopFiveNotebooks.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + Connection.getValueByKey("access_token", Connection.getTokenInJson(tokenResponse)));

I got the Bearer Token and the header of the HttpGet-Request looks like this, if I look at it in debug-mode:

But when I try to perform the get, the API gives me a 401 Unauthorized Error.

My Scope is scope=wl.basic+onedrive.readwrite, so the token should have all permissions it needs.

Update: If I login into https://apigee.com/onenote/embed/console/onenote/ with my microsoft-account and copy the access-token from there into this piece of code:

getTopFiveNotebooks.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + acces-key-from-the apigee-console)

it performs the get and give me Status 200 back instead of 401.

So is my permission scope wrong?

Edit: My Scope was false.

Answer 1

Yes, you don't have the right scopes.

https://msdn.microsoft.com/en-us/library/office/dn807159.aspx

You need at least "office.onenote" to be able to get the user's notebooks.

Btw, if you look at the body of the 401 response, you'll see which scopes are missing.