List Azure certification from Microsoft Learn profile using Graph API from .net 6 Azure Function
I'm trying to fetch Azure certification list from my Microsoft Learn profile (https://learn.microsoft.com/en-us/users/kuldeepsingh/credentials/certifications) using Graph API.
Azure Functions code to generate token:
string[] scopes = new string[] { $"{clientId}/.default" };
IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithTenantId(tenantId)
.WithClientSecret(clientSecret)
.Build();
AuthenticationResult authResult = await confidentialClientApplication.AcquireTokenForClient(scopes).ExecuteAsync();
string authToken = authResult.AccessToken;
Console.WriteLine("Access token: {0}", authToken);
Steps
Registered an application in Azure AD with below permissions:
- MicrosoftGraph - User.Read
- MicrosoftGraph - Directory.Read.All
Generated Client Secret for registered application
Azure function in .net 6
- Used above AAD app registration to generate a bearer_token
- Call Microsoft Graph api by passing bearer_token in request header.
- API endpoint: https://graph.microsoft.com/beta/users/kuldeepsingh/profile/certifications
I'm getting 401 Unauthorized error. Appreciate any help in this context.
Ref: Microsoft documentation at https://learn.microsoft.com/en-us/graph/api/profile-list-certifications?view=graph-rest-beta&tabs=http
Tried option 1
App registration of type
Accounts in this organizational directory onlywith below permissions:- MicrosoftGraph - User.Read
- MicrosoftGraph - User.Read.All
Generate token using below scope:
string[] scopes = new string[] { $"https://graph.microsoft.com/.default" };Error:
"/me request is only valid with delegated authentication flow."
UPDATE:
As of now there is no sync between certifications from MS learn profile and /me/profile/certifications. So technically we can't fetch MS Learn certification using Graph APIs.
Note that: For work or school accounts, all delegated permissions are valid; however, not all of them are valid for Microsoft accounts used for personal use. Check this.
I created an Azure AD Application and granted User.Read API permission:
I generated access token with User.Read scope:
using Microsoft.Identity.Client;
string authority = "https://login.microsoftonline.com/TenantID";
string clientId = "ClientID";
string clientSecret = "ClientSecret";
string[] scopes = new string[] { "User.Read" };
IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithAuthority(authority)
.WithClientSecret(clientSecret)
.Build();
var authRequestUrl = confidentialClientApplication.GetAuthorizationRequestUrl(scopes);
string authorizationCode = "Code";
AuthenticationResult authResult = await confidentialClientApplication.AcquireTokenByAuthorizationCode(scopes, authorizationCode).ExecuteAsync();
Console.WriteLine("Access token: {0}", authResult.AccessToken);
By using the above access token when I tried to call the User endpoint, I got the error like below:
GET https://graph.microsoft.com/beta/users/UserID/profile/certifications
Hence, to resolve the error instead of calling /users endpoint call /me endpoint to fetch the certificates of signed-in user:
GET https://graph.microsoft.com/beta/me/profile/certifications
According to the MsDoc, User.Read.All API permission does not support Microsoft Account and hence you are facing 401 error while access /users endpoint. These permissions are only available for work or school accounts (Azure AD accounts).
- To access the
certificationsfor a personal Microsoft account, you can use theUser.Readpermission and call the/meendpoint instead of the/users/idendpoint.
UPDATE:
To fetch the data from MS learn profile is not possible is no sync between your certifications in Microsoft Learn and /me/profile/certifications. Please raise a feature request.
Reference:
- When did C allow casting constants and variables to struct for assignment?
- Why in C can I initialize more values than the size of an array?
- Using c to create a file and write+read to it, what went wrong?
- Does write system call need the data to be read to give >-1 return?
- Difference between fgetc() and read() function in C
- How can I get to know the IP address for interfaces in C?
- read fails with EFAULT
- In this case, how to achieve modularity and information hiding at the same time?
- Are global variables always initialized to zero in C?
- OpenGL function calls seemingly affecting unrelated data
- What Values of Variables x and y Will Produce Incorrect Results When Testing for Overflow After Subtraction of x-y in the Following Program?
- How to write a general-type queue library in c?
- Which gcc and g++ version support which standard of c and c++?
- How to dereference a member in a struct whose definition is not visible?
- How to name a type in a meaningful way?
- What are Vectors and < > in C?
- Why does 1.0/100.0 == 0.1/10.0 give True?
- How to organize the receive msg and user current input in C network such that it's clean
- Using inclusive scan syntax in OpenMP in the C language
- Unable to understand context in book "OOP in C" by Axel Schreiner
- variable-length array in struct with TI compiler in C (socket programming)
- A faster way to test 32bpp DDBs for a valid Alpha channel
- How can I compile the zephyr example-application as a freestanding application?
- Why does my forked process sometimes overwrite data in a file?
- _Generic in C needs typecasting?
- Declaring/defining an unused variable changes the output from an unrelated variable
- How to use gdb to explore the stack/heap?
- How can I read an input string of unknown length?
- Confused by difference between expression inside if and expression outside if
- Fast Arc Cos algorithm?