
Graph API call List subscribedSkus states Insufficient privileges while privileges are given


I try to call GET https://graph.microsoft.com/v1.0/subscribedSkus

Its documentation is at https://learn.microsoft.com/en-us/graph/api/subscribedsku-list?view=graph-rest-1.0&tabs=http

And says: Organization.Read.All, Directory.Read.All, Organization.ReadWrite.All, Directory.ReadWrite.All

I have made an app on the Azure Portal with the specified permissions (and more for other API calls).

  • I have waited more than 5 minutes after granting the permissions
  • I have even recreated the certificate (which to my knowledge is not needed)
  • I can call GET https://graph.microsoft.com/v1.0/{userId}/licenseDetails successfully

Yet I can't call GET https://graph.microsoft.com/v1.0/subscribedSkus

I keep getting the following:

{
    "error": {
        "code": "Authorization_RequestDenied",
        "message": "Insufficient privileges to complete the operation.",
        "innerError": {
            "date": "2023-08-17T08:55:23",
            "request-id": "xxxxxx",
            "client-request-id": "xxxxxxx"
        }
    }
}

What is going wrong here?

Edit: Tried the code of @Rukmini, again with an error of not having enough privileges.


Solution

  • I created an Azure AD Application and granted API permission like below:

    To fetch the subscribedSkus, I used the below code:

    using Azure.Identity;
    using Microsoft.Graph;

    // .default requests the application permissions already granted to the app
    var scopes = new[] { "https://graph.microsoft.com/.default" };

    // Placeholders: replace with the values of your app registration
    var clientId = "ClientID";
    var tenantId = "TenantID";
    var clientSecret = "ClientSecret";

    var options = new ClientSecretCredentialOptions
    {
        AuthorityHost = AzureAuthorityHosts.AzurePublicCloud,
    };

    // App-only (client credentials) authentication
    var clientSecretCredential = new ClientSecretCredential(
        tenantId, clientId, clientSecret, options);

    var graphClient = new GraphServiceClient(clientSecretCredential, scopes);

    // GET /subscribedSkus
    var result = await graphClient.SubscribedSkus.GetAsync();

    Console.WriteLine("Subscribed SKUs:");
    foreach (var sku in result.Value)
    {
        Console.WriteLine($"SkuId: {sku.SkuId}");
        // AccountName is the name of the account the SKU belongs to
        Console.WriteLine($"SkuName: {sku.AccountName}");
    }


    If the issue still persists, create a new Azure AD Application and check.
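
A way to check what the token actually carries when Graph returns `Authorization_RequestDenied` (an added example, not code from the question or the answer): decode the access token and compare its permissions with the four the question quotes for subscribedSkus. It assumes a Microsoft identity platform access token that lists application permissions in `roles` or delegated scopes in `scp`; `GraphTokenCheck`, `Inspect` and `B64Url` are hypothetical names, and the sample token is constructed.

```csharp
using System;
using System.Linq;
using System.Text;
using System.Text.Json;

static class GraphTokenCheck   // hypothetical helper, not part of any SDK
{
    // Permissions the question quotes from the subscribedSkus documentation.
    static readonly string[] Required =
    {
        "Organization.Read.All", "Directory.Read.All",
        "Organization.ReadWrite.All", "Directory.ReadWrite.All",
    };

    // Returns where the permissions came from, what they are, and whether any
    // Required one is present. Decodes only; it does not validate the signature.
    public static (string Kind, string[] Granted, bool Sufficient) Inspect(string jwt)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3) throw new FormatException("Not a compact JWT.");
        var b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        using var doc = JsonDocument.Parse(Encoding.UTF8.GetString(Convert.FromBase64String(b64)));
        var payload = doc.RootElement;
        var kind = "none";
        var granted = Array.Empty<string>();
        if (payload.TryGetProperty("roles", out var roles) && roles.ValueKind == JsonValueKind.Array)
        {   // app-only token: application permissions
            kind = "application";
            granted = roles.EnumerateArray().Select(r => r.GetString() ?? "").ToArray();
        }
        else if (payload.TryGetProperty("scp", out var scp) && scp.ValueKind == JsonValueKind.String)
        {   // delegated token: space-separated scopes
            kind = "delegated";
            granted = (scp.GetString() ?? "").Split(' ', StringSplitOptions.RemoveEmptyEntries);
        }
        return (kind, granted, granted.Intersect(Required, StringComparer.OrdinalIgnoreCase).Any());
    }

    static string B64Url(string s) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(s)).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    static void Main()
    {
        // Constructed payload standing in for a real token; header and signature are dummies.
        var jwt = "e30." + B64Url("{\"roles\":[\"User.Read.All\"]}") + ".sig";
        var (kind, granted, ok) = Inspect(jwt);
        Console.WriteLine($"{kind}: [{string.Join(", ", granted)}] sufficient={ok}");
    }
}
```

If `Kind` comes back as `none` or `Granted` lacks all four permissions, the grant shown in the portal has not reached the token that the app is sending.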