I am trying to list the Outlook Task Folders using Microsoft Graph with Postman. Following is the URL I am using:
https://graph.microsoft.com/beta/me/outlook/taskFolders
After adding the Bearer Token in the request header, I am getting the following response from Graph:
"code": "NoPermissionsInAccessToken",
"message": "The token contains no permissions, or permissions can not be understood.",
I have already enabled the following permissions: Tasks.ReadWrite.
What am I missing here?
I can reproduce your issue while using client credentials flow to get access token. I decode the access token and do not see the permission I assigned. As the article said:
The permission is delegated from the user to the application, usually during the consent process. However, in the client credentials flow, permissions are granted directly to the application itself. When the app presents a token to a resource, the resource enforces that the app itself has authorization to perform an action and not the user.
So, I suggest that you could use OAuth 2.0 authorization code flow to get the access token. And add your Tasks.Read permission in scope.
https://login.microsoftonline.com/xxxxx/oauth2/v2.0/authorize?
client_id=xxxxx
&response_type=code
&redirect_uri=https://localhost:123
&response_mode=query
&scope=https://graph.microsoft.com/Tasks.Read
For more details on getting an access token with the auth code flow, you could refer to this article.
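The token check the answer describes can be done locally, so the bearer token never leaves the machine. This is an added example, not part of the original answer: it decodes the JWT payload without verifying the signature and reports which permission claims are present. It assumes the Microsoft identity platform convention that delegated permissions appear in the `scp` claim and application permissions in the `roles` claim; the function names and both sample tokens are constructed for illustration.

```python
import base64
import json


def b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def token_permissions(jwt: str) -> dict:
    """Report the permission claims in a token payload (signature NOT verified)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    claims = json.loads(b64url_decode(parts[1]))
    scp = claims.get("scp", "")      # delegated permissions, space-separated string
    roles = claims.get("roles", [])  # application permissions, list of strings
    delegated = scp.split() if isinstance(scp, str) else list(scp)
    if delegated:
        kind = "delegated"
    elif roles:
        kind = "application"
    else:
        kind = "none"  # the case Graph rejects with NoPermissionsInAccessToken
    return {"kind": kind, "delegated": delegated,
            "application": list(roles), "aud": claims.get("aud")}


def make_sample(claims: dict) -> str:
    # Builds a constructed, unsigned token so the example runs offline.
    def enc(obj: dict) -> str:
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"


# Constructed samples: a token with no permission claims, as seen in the answer's
# client credentials reproduction, and one from the auth code flow with Tasks.Read.
NO_PERMISSION_TOKEN = make_sample({"aud": "https://graph.microsoft.com"})
USER_TOKEN = make_sample({"aud": "https://graph.microsoft.com",
                          "scp": "Tasks.Read User.Read"})

if __name__ == "__main__":
    for name, tok in (("client credentials", NO_PERMISSION_TOKEN),
                      ("authorization code", USER_TOKEN)):
        print(name, token_permissions(tok))
```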