Hi,
I'm using Azure Active Directory tenant along with Graph API to fetch groupclaims objectIDs.
However, it's failing with Forbidden error at runtime.
I used the same code with another Azure Active Directory tenant (which created almost 4 months back), it's working perfectly.
I have followed ditto to create new Azure Active Direct tenant and double checked configuration details in Azure management portal.
Even, I have created many times new Azure Active Directory tenant with the same steps (https://github.com/Azure-Samples/active-directory-dotnet-webapp-groupclaims) but still getting, Forbidden error.
{StatusCode: 403, ReasonPhrase: 'Forbidden', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:{ ocp-aad-diagnostics-server-name: a**********Bc= request-id: 9**_1 client-request-id: 4b_*********b9 x-ms-dirapi-data-contract-version: 1.5 x-ms-gateway-rewrite: false ocp-aad-session-key: GXB*********************5bi0 X-Content-Type-Options: nosniff DataServiceVersion: 3.0; Strict-Transport-Security: max-age=31536000; includeSubDomains Access-Control-Allow-Origin: * Duration: 1168232 Cache-Control: private Server: Microsoft-IIS/8.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET X-Powered-By: ASP.NET Date: Fri, 08 Jan 2016 23:29:43 GMT Content-Length: 139 Content-Type: application/json; odata=minimalmetadata; streaming=true; charset=utf-8}}
In general, Forbidden error is due to lack of permissions on the server, but another active directory tenant is working perfectly (which is also created by me 4 months back). There isn’t any configuration change between the working AAD Tenant and newly created one.
- Is there any recent changes in AAD creation?
- I’m using Microsoft Active Directory, do we need any configuration update from MSIT team on server side?
followed the steps: https://github.com/Azure-Samples/active-directory-dotnet-webapp-groupclaims
Could someone help me to fix this issue.
Thanks,
Pradeep