Search code examples
pythonazuremicrosoft-graph-apimsal

Can't get OneNote data using graph api from microsoft

I'm trying to get a specific page data using the graph API.

If I try to run through https://developer.microsoft.com/en-us/graph/graph-explorer I can put it to work, also if I use the token generated there it also works fine in script.

But when I try to generate the code in the script and run myself I get a 404 error.

Here is the script:

from msal import ConfidentialClientApplication

authority = "https://login.microsoftonline.com/common"

#get connection to the API working



app = ConfidentialClientApplication(client_id, authority="https://login.microsoftonline.com/my-tenant-id", client_credential=client_secret)

result = app.acquire_token_for_client(['https://graph.microsoft.com/.default'])


if "access_token" in result:
    print('Access Token: ', result["access_token"])

    import requests
    #response = requests.get("https://graph.microsoft.com/v1.0/users", headers={'Authorization': 'Bearer {}'.format(result["access_token"])})
    response = requests.get("https://graph.microsoft.com/v1.0/users/myuser/onenote/pages/page-id/content", headers={'Authorization': 'Bearer '+result["access_token"]})

Azure Permissions: enter image description here

Error Screenshot: enter image description here

Graph Explorer enter image description here

Actually getting out of ideas on what I might be missing.

Already checked all the permissions over and over again.

Any suggestion would be much appreaciated.

Solution

  • Note that, Graph Explorer uses permissions of Delegated type that works based on signed-in user access.

    But, your python code uses client credentials flow to get token that works only with permissions of Application type. I have one sample page with below content in my OneNote notebook:

    enter image description here

    When I ran the API call via Graph Explorer, it worked and retrieved content as below:

    GET https://graph.microsoft.com/v1.0/users/myuser/onenote/pages/page-id/content

    Response:

    enter image description here

    But, when I do the same by running your python code granting permissions of Delegated type, I got 40004 error like this:

    enter image description here

    To resolve the error, make sure to grant Notes.Read.All Microsoft Graph permission of Application type with consent as below:

    enter image description here

    When I ran the code again after granting above permission, I got the response successfully with OneNote page content:

    from msal import ConfidentialClientApplication

client_id = "appID"
client_secret = "secret"
app = ConfidentialClientApplication(client_id, authority="https://login.microsoftonline.com/tenantId", client_credential=client_secret)

result = app.acquire_token_for_client(['https://graph.microsoft.com/.default'])

if "access_token" in result:
    print('Access Token: ', result["access_token"])
    print()
   
import requests
#response = requests.get("https://graph.microsoft.com/v1.0/users", headers={'Authorization': 'Bearer {}'.format(result["access_token"])})
response = requests.get("https://graph.microsoft.com/v1.0/users/[email protected]/onenote/pages/pageId/content", headers={'Authorization': 'Bearer '+result["access_token"]})

print(response.text)

    Response:

    enter image description here