Microsoft Graph 403

Hey all,

I have implemented SSO using Microsoft Graph.

It’s all pretty dandy, I can log in, get my personal info and send emails through my app…

However users from other organisations can log in, I can get their personal info but I cannot get the emails to send.

I get this error

Workflow error - The service Microsoft Graph V2 - Get Message just returned an error (HTTP 403). Please consult their documentation to ensure your call is setup properly. Raw error: {"error":{"code":"ErrorAccessDenied","message":"Access is denied. Check credentials and try again."}}

I’ve tried a bunch of stuff both on my tenant and another orgs tenant but i’m really struggling.

I am calling the login via a open external url, then doing some handballing with the tokens, if it all checks out I log the user in.

As far as sending the email, the first call I am doing is Create Draft Email using the api connector and this is where I am encountering the issue

This is the exact error

Workflow error - The service Microsoft Graph V2 - Get Message just returned an error (HTTP 403). Please consult their documentation to ensure your call is setup properly. Raw error: {"error":{"code":"ErrorAccessDenied","message":"Access is denied. Check credentials and try again."}}

Hi @chad5,

It may be an API permissions issue. If you are using a service principle, you need to have the correct MS Graph API permissions in place, presumably User.Read

I could be wrong on this, but this is just something that comes to mind regarding your issue.

I got it… I am using the create_draft endpoint and I did not have male.edit

I had mail.send mail.send.shared etc but was missing the one create_draft needed.

Damn it wasted at least a couple of hours

1 Like