So i'm trying to connect to office 365 api in order to obtain events for a user (Calendars.Read), in Azure Management Portal I set "APPLICATION IS MULTI-TENANT" and than started getting this error: "AADSTS90093: This operation can only be performed by an administrator. Sign out and sign in as an administrator or contact one of your organization's administrators." I tried altering the manifest according to this article: https://azure.microsoft.com/en-us/documentation/articles/active-directory-integrating-applications/ - the part with "To expose a web API to other applications" and adding the “origin”: “Application” in oauth2Permissions and generating a new id at the same time, it did not work and when i downloaded my manifest again only the id was changed, the field “origin”: “Application” was no where 2 be found - i tried adding other fields from such as appPermissions but still no luck - it seems that i can only edit existing fields in the manifest. Dose anyone have any idea what i should do to get passed the "AADSTS90093: This operation can only be performed by an administrator. Sign out and sign in as an administrator or contact one of your organization's administrators." error that i am getting ?
Asked
Active
Viewed 180 times
0
-
I'm trying to understand when the error occur. Is it when trying to connect to the Web API in Azure from a client or is it in the Web API in Azure when it calls O365? – Mattias Lindberg Sep 24 '15 at 08:42
-
It is when trying to connect (obtain oauth token) to the Web API in Azure from a client - if the client is from the same tenant - it works fine but if the client is from a different tenant i get that error. – Silviu Marinescu Sep 24 '15 at 14:30
-
Have you checked this sample: https://github.com/OfficeDev/O365-WebApp-MultiTenant // for multi-tenant authentication for Web Api. Hope this helps. – Mostafa Sep 24 '15 at 14:37
-
i did not - i figured every setting i needed was exposed in Azure Management Portal - and all my searches on google started with "Azure Management Portal" - i'l give it a try and tell you what happens, tnx – Silviu Marinescu Sep 24 '15 at 14:53
-
It may be a matter of how you're requesting the auth token. Can you post your auth code request/response, and your auth token request/response? – Jason Johnston Sep 24 '15 at 14:54
-
i do not think it is - since it works if the client is from the same tenant: this is the url: https://login.microsoftonline.com/common/oauth2/authorize?response_type=code&client_id=
&redirect_uri= – Silviu Marinescu Sep 24 '15 at 15:35&scope=https:%2f%2foutlook.office.com%2fcalendars.read&state= &prompt=login