Graph API - Getting "Insufficient privileges" while updating using Profile
We have an application in production environment, today we found an issue that while updating "othermails" attribute of user through graph api returns insufficient privilege error.It was working couple of days back.We are using client credential flow to get access token from azure.
While troubleshooting I find out that if directory role "Global administrator" is assigned to application admin user then application admin user can update othermails attribute. But couple of days back it was working fine without "Global administrator" role. We cannot give "Global administrator" directory role to all application admins, it was restriction imposed by our client.
Now, my question is why is working earlier and now not? Does Microsoft changes directory role definition or something?
Its seems you have encountered Insufficient privileges while updating user profile.
Does Microsoft changes directory role definition or something?
No Microsoft has not change any previous Role Definition so far.
In your case to Update user profile you need to have following permission to update user profile:
Note: Once you have above permission you could update user profile. You could also take a look here