M
Micster11
Guest
I am using the graph api with RestSharp to give users permission to read OneDrive files:
RestClient client = new RestClient("https://graph.microsoft.com/v1.0/me/drive/root:/" + parentFolder + "/" + file + ":/invite");
var request = new RestRequest(Method.POST);
request.AddHeader("Cache-Control", "no-cache");
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer " + accessToken);
request.AddParameter("application/json", "{\"recipients\": [{ \"email\": \"" + email + "\" } ], \"requireSignIn\": true, \"sendInvitation\": false, \"roles\": [\"read\"] }", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
According to Send an invite to access an item - Microsoft Graph v1.0, the success response should be in the form:
{
"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#Collection(permission)",
"value":[
{
"@odata.type":"#microsoft.graph.permission",
"id":"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXY",
"roles":[
"read"
],
"grantedTo":
{
"user":
{
"id":"88902115-1090-4c29-9266-1b16b0a4cf64",
"displayName":"Test User"
}
}
}
]
}
But sometimes I get a response in the form:
{
"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#Collection(permission)",
"value":[
{
"@odata.type":"#microsoft.graph.permission",
"roles":[
"read"
],
"invitation":
{
"signInRequired":true
},
"link":
{
"type":"view",
"webUrl":"https://mydomain-my.sharepoint.com/...BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst"
}
}
]
}
Firstly is it OK to keep using Inviteover and over for the same user or should I be checking whether they already have rights and only use Invite when they don't have the desired permission (needing more calls to the Graph API)?
Secondly, the different response seems to be related to my domain. My users are logged in as aaa.bbb@mydomain.co.uk. This gives the supposedly correct response (without a webUrl). Looking at the OneDrive folder online, I can see that the permission has been granted, but the DriveItem's webUrl gives the user a permission error and won't open the file. If I use a breakpoint and change the email address to aaa.bbb@mydomain.onmicrosoft.com, I get the second response and the user can open the file using the webUrl in the response. This happens for users whether they were given the alias aaa.bbb@mydomain.onmicrosoft.com or not and I can't see this address anywhere in the user setup in Office Admin. Is there something wrong with the domain setup / anything I can check?
Continue reading...
RestClient client = new RestClient("https://graph.microsoft.com/v1.0/me/drive/root:/" + parentFolder + "/" + file + ":/invite");
var request = new RestRequest(Method.POST);
request.AddHeader("Cache-Control", "no-cache");
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer " + accessToken);
request.AddParameter("application/json", "{\"recipients\": [{ \"email\": \"" + email + "\" } ], \"requireSignIn\": true, \"sendInvitation\": false, \"roles\": [\"read\"] }", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
According to Send an invite to access an item - Microsoft Graph v1.0, the success response should be in the form:
{
"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#Collection(permission)",
"value":[
{
"@odata.type":"#microsoft.graph.permission",
"id":"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXY",
"roles":[
"read"
],
"grantedTo":
{
"user":
{
"id":"88902115-1090-4c29-9266-1b16b0a4cf64",
"displayName":"Test User"
}
}
}
]
}
But sometimes I get a response in the form:
{
"@odata.context":"https://graph.microsoft.com/v1.0/$metadata#Collection(permission)",
"value":[
{
"@odata.type":"#microsoft.graph.permission",
"roles":[
"read"
],
"invitation":
{
"signInRequired":true
},
"link":
{
"type":"view",
"webUrl":"https://mydomain-my.sharepoint.com/...BCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrst"
}
}
]
}
Firstly is it OK to keep using Inviteover and over for the same user or should I be checking whether they already have rights and only use Invite when they don't have the desired permission (needing more calls to the Graph API)?
Secondly, the different response seems to be related to my domain. My users are logged in as aaa.bbb@mydomain.co.uk. This gives the supposedly correct response (without a webUrl). Looking at the OneDrive folder online, I can see that the permission has been granted, but the DriveItem's webUrl gives the user a permission error and won't open the file. If I use a breakpoint and change the email address to aaa.bbb@mydomain.onmicrosoft.com, I get the second response and the user can open the file using the webUrl in the response. This happens for users whether they were given the alias aaa.bbb@mydomain.onmicrosoft.com or not and I can't see this address anywhere in the user setup in Office Admin. Is there something wrong with the domain setup / anything I can check?
Continue reading...